shoot-yalla.to Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Submission: On June 03 via manual (June 3rd 2023, 2:35:58 pm UTC) from US — Scanned from NL

Summary HTTP 304 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 73 IPs in 9 countries across 58 domains to perform 304 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is shoot-yalla.to.
TLS certificate: Issued by E1 on May 24th 2023. Valid for: 3 months.

This is the only time shoot-yalla.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
11	108.138.36.75 108.138.36.75	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:25::1726:6216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.21.233.171 104.21.233.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	172.64.99.22 172.64.99.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
6	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
4	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:3a00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
16	45.84.217.97 45.84.217.97	212411 (MYWEB) (MYWEB)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	52.51.69.125 52.51.69.125	16509 (AMAZON-02) (AMAZON-02)
9	143.204.215.15 143.204.215.15	16509 (AMAZON-02) (AMAZON-02)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	2606:4700:e6:... 2606:4700:e6::ac40:cf21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	34.237.109.233 34.237.109.233	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:794::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	141.95.4.204 141.95.4.204	16276 (OVH) (OVH)
7	2404:6800:400... 2404:6800:4006:804::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	104.102.40.143 104.102.40.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	107.23.98.28 107.23.98.28	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:7391:985f:3e9d:2132	16509 (AMAZON-02) (AMAZON-02)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	3.215.53.2 3.215.53.2	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4009:34::8	15169 (GOOGLE) (GOOGLE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.214.153.92 35.214.153.92	15169 (GOOGLE) (GOOGLE)
5	52.54.122.158 52.54.122.158	14618 (AMAZON-AES) (AMAZON-AES)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 1	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	95.101.54.217 95.101.54.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.220.29.54 3.220.29.54	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 2	52.210.227.93 52.210.227.93	16509 (AMAZON-02) (AMAZON-02)
2	18.184.33.63 18.184.33.63	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:9000:225... 2600:9000:225b:9000:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	3.226.219.33 3.226.219.33	14618 (AMAZON-AES) (AMAZON-AES)
304	73

7 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

shoot-yalla.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.138.36.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-75.muc50.r.cloudfront.net

mediation.magnetssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:25::1726:6216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.233.171 (None, )

ASN13335 (CLOUDFLARENET, US)

dalbouh.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.99.22 (United States)

ASN13335 (CLOUDFLARENET, US)

web-api.scorarab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:3a00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 45.84.217.97 (Valencia, Spain)

ASN212411 (MYWEB, BZ)

a7.koora.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.69.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-69-125.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.215.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-15.fra53.r.cloudfront.net

www.boomplaygames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cf21 (United States)

ASN13335 (CLOUDFLARENET, US)

us.hdtvcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.109.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-109-233.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:794::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.204 (France)

ASN16276 (OVH, FR)
PTR: ip204.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4006:804::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.40.143 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-40-143.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.98.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-98-28.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:7391:985f:3e9d:2132 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.53.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-53-2.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:34::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

rr3---sn-aigzrn7d.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.153.92 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.54.122.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-122-158.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (Amsterdam, Netherlands) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.217 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.29.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-29-54.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.227.93 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-227-93.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.33.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-33-63.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:9000:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.219.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-219-33.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	873 KB
35	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	305 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	316 KB
16	koora.cloud a7.koora.cloud	3 MB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66 imasdk.googleapis.com — Cisco Umbrella Rank: 486	138 KB
11	magnetssp.com mediation.magnetssp.com — Cisco Umbrella Rank: 346364	18 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 366	218 KB
10	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
9	boomplaygames.com www.boomplaygames.com — Cisco Umbrella Rank: 596421	467 KB
9	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 137766 adipolo.com — Cisco Umbrella Rank: 118320 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 164362	153 KB
9	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 74608 servt.modoro360.com — Cisco Umbrella Rank: 83468 serv.modoro360.com — Cisco Umbrella Rank: 94283 servs.modoro360.com — Cisco Umbrella Rank: 293936	13 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2331 ads.eu.criteo.com — Cisco Umbrella Rank: 7804 bidder.criteo.com — Cisco Umbrella Rank: 748	21 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	106 KB
7	shoot-yalla.to shoot-yalla.to	490 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	749 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	199 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1117 eus.rubiconproject.com — Cisco Umbrella Rank: 614 token.rubiconproject.com — Cisco Umbrella Rank: 605 pixel.rubiconproject.com — Cisco Umbrella Rank: 362	12 KB
5	google.nl adservice.google.nl — Cisco Umbrella Rank: 13768	1 KB
4	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 540 image6.pubmatic.com — Cisco Umbrella Rank: 762	17 KB
4	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 826	737 B
4	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 23159 player.avplayer.com — Cisco Umbrella Rank: 14857 content1.avplayer.com — Cisco Umbrella Rank: 25713	255 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	185 KB
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 2008 sync.aniview.com — Cisco Umbrella Rank: 2152 track1.aniview.com — Cisco Umbrella Rank: 1971	126 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 124400	17 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1494	24 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 340	291 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 648	795 B
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2524 vpaid.vidoomy.com — Cisco Umbrella Rank: 3113	19 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 611	1 KB
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452 ups.analytics.yahoo.com — Cisco Umbrella Rank: 315	707 B
2	owneriq.net 1 redirects px.owneriq.net — Cisco Umbrella Rank: 1637	476 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1552	359 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 797 id5-sync.com — Cisco Umbrella Rank: 429	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 995 bcp.crwdcntrl.net — Cisco Umbrella Rank: 871	12 KB
2	scorarab.com web-api.scorarab.com — Cisco Umbrella Rank: 581266	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	126 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 718	400 B
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 27717	3 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 617	651 KB
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 601	276 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 616	657 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 993	314 B
1	googlevideo.com rr3---sn-aigzrn7d.googlevideo.com — Cisco Umbrella Rank: 82903	139 KB
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 8857	291 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4977	611 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 6486	731 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	874 B
1	ovh.net storage.de.cloud.ovh.net — Cisco Umbrella Rank: 114476	15 KB
1	hdtvcloud.com us.hdtvcloud.com	690 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5686	334 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	608 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1445	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1448	2 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7073	5 KB
1	dalbouh.xyz dalbouh.xyz
0	Failed function sub() { [native code] }. Failed
304	58

	Domain	Requested by
32	tpc.googlesyndication.com	1 redirects shoot-yalla.to securepubads.g.doubleclick.net googleads.g.doubleclick.net 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
31	pagead2.googlesyndication.com	mediation.magnetssp.com pagead2.googlesyndication.com shoot-yalla.to www.boomplaygames.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	a7.koora.cloud	cdn.jsdelivr.net
15	securepubads.g.doubleclick.net	jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net shoot-yalla.to
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com shoot-yalla.to googleads.g.doubleclick.net
11	mediation.magnetssp.com	shoot-yalla.to mediation.magnetssp.com
10	fonts.googleapis.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
9	www.boomplaygames.com	mediation.magnetssp.com www.boomplaygames.com
7	cm.g.doubleclick.net	www.boomplaygames.com googleads.g.doubleclick.net
7	csi.gstatic.com	imasdk.googleapis.com www.gstatic.com
7	static.criteo.net	securepubads.g.doubleclick.net www.boomplaygames.com acdn.adnxs.com static.criteo.net
7	shoot-yalla.to	shoot-yalla.to
6	s0.2mdn.net	shoot-yalla.to cdn.ampproject.org
6	cdn.jsdelivr.net	shoot-yalla.to securepubads.g.doubleclick.net acdn.adnxs.com
5	servs.modoro360.com	player.aniview.com vid.vidoomy.com
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	adservice.google.nl	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	onetag-sys.com	1 redirects player.aniview.com acdn.adnxs.com
4	gum.criteo.com	2 redirects static.criteo.net
4	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
4	www.googletagservices.com	jscdn.greeter.me googleads.g.doubleclick.net 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
3	ads.pubmatic.com	player.aniview.com vid.vidoomy.com
3	jscdn.greeter.me	shoot-yalla.to
2	script.4dex.io	acdn.adnxs.com script.4dex.io
2	x.bidswitch.net
2	ad.360yield.com	2 redirects
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	px.owneriq.net	1 redirects www.boomplaygames.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	servt.modoro360.com	shoot-yalla.to
2	player.avplayer.com	tg1.modoro360.com shoot-yalla.to
2	mug.criteo.com	shoot-yalla.to
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	web-api.scorarab.com	shoot-yalla.to
2	www.googletagmanager.com	shoot-yalla.to www.googletagmanager.com
1	track1.aniview.com	player.aniview.com
1	ap.lijit.com	acdn.adnxs.com
1	bidder.criteo.com	acdn.adnxs.com
1	wrappers.geoedge.be	acdn.adnxs.com
1	pixel.rubiconproject.com
1	pixel-sync.sitescout.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	securepubads.g.doubleclick.net
1	vpaid.vidoomy.com	vid.vidoomy.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	player.aniview.com
1	vid.vidoomy.com	player.aniview.com
1	sync.aniview.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	bh.contextweb.com	1 redirects
1	csync.loopme.me	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	rr3---sn-aigzrn7d.googlevideo.com	googleads.g.doubleclick.net
1	serv.modoro360.com	player.aniview.com
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	fksnk.com	1 redirects
1	aep.mxptint.net	1 redirects
1	sync.mathtag.com	1 redirects
1	ads.eu.criteo.com	imasdk.googleapis.com
1	storage.de.cloud.ovh.net	shoot-yalla.to
1	content1.avplayer.com	shoot-yalla.to
1	player.aniview.com	player.avplayer.com
1	feed.avplayer.com	tg1.modoro360.com
1	us.hdtvcloud.com	cdn.jsdelivr.net
1	pro.ip-api.com	cdn.jsdelivr.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	player.adtelligent.com	player.aplhb.adipolo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adipolo.com	shoot-yalla.to
1	dalbouh.xyz	shoot-yalla.to
1	tg1.modoro360.com	shoot-yalla.to
0	us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif Failed	player.aniview.com
304	87

This site contains links to these domains. Also see Links.

Domain
signup.adipolo.com
lives.shoot-yalla.tv
yacine-tv.live
hesgoal-tv.io
live-kora.tv
yalla-shoots.to

Subject Issuer	Validity	Valid
shoot-yalla.to E1	`2023-05-24` - `2023-08-22`	3 months	crt.sh
greeter.me E1	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.magnetssp.com Amazon RSA 2048 M02	`2022-11-18` - `2023-12-17`	a year	crt.sh
wl1.aniview.com R3	`2023-05-09` - `2023-08-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-24` - `2024-02-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
scorarab.com GTS CA 1P5	`2023-05-28` - `2023-08-26`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
adipolo.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2023-04-06` - `2023-07-05`	3 months	crt.sh
player.adtelligent.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
a7.koora.cloud R3	`2023-05-14` - `2023-08-12`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.boomplaygames.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-06`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M01	`2023-05-26` - `2024-06-23`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-25` - `2024-01-25`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-23` - `2023-08-01`	2 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh

This page contains 41 frames:

Primary Page: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Frame ID: 5C6E2DFD4A7059225B591B59E06465A3
Requests: 80 HTTP requests in this frame

Frame: https://shoot-yalla.to/frame.php?ch=b1eng_1&p=7&token=NmY3NDc1NzU2ZDZhNjU3ODZjNmE2NTM1NmY3MzM0Nzg2ZTc0NjI3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1685802947
Frame ID: 5EA9105371C26E83BD6B51E95EB4380B
Requests: 24 HTTP requests in this frame

Frame: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
Frame ID: 9BE3B3D1E2E4A19D449BB7AE37BFAC2D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: 0FEABBF853C1216BF9F901777BC63CE7
Requests: 1 HTTP requests in this frame

Frame: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9DD0413FD80617971921F97DBF3F2C65
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=shoot-yalla.to
Frame ID: 66259604050B3C795BE722D9662F80B8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=1573534164&lmt=1685802937&plat=1%3A16777280%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947413&bpp=5&bdt=460&idt=263&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5866812604701&frm=20&pv=2&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075004%2C44788442&oid=2&pvsid=3552925523421010&tmod=2063129335&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: FB29127444638CDCE0969FDD945D05CF
Requests: 1 HTTP requests in this frame

Frame: https://www.boomplaygames.com/afgegg?at=1
Frame ID: 0D6C874727694709A653703D8FF99F5C
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1685802937&rafmt=1&format=1200x280&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947708&bpp=2&bdt=754&idt=3&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5866812604701&frm=20&pv=1&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075004%2C44788442&oid=2&pvsid=3552925523421010&tmod=2063129335&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Oc17U0ADKj&p=https%3A//shoot-yalla.to&dtd=8
Frame ID: 783292155D5B230405DBBE2325252194
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 5030184EA01C73A5754DF5DF5C73954C
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: BC863A7E6A522B686F6A8F6ED3F6434B
Requests: 22 HTTP requests in this frame

Frame: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9F558070A19238DC1E9927AD05BFD41
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755403&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947974&bpp=3&bdt=110&idt=348&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=1531405223354&frm=24&ife=1&pv=2&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.kc3rny76z09a&fsb=1&dtd=369
Frame ID: 057CEFAFED8E11D95B52C9250AB94E71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6
Frame ID: F0FE1D24EEA93F1825ED5625089DD46C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378855&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948735&bpp=1&bdt=871&idt=0&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gy3ha2o1ydqt&fsb=1&dtd=3
Frame ID: 59179D569386686FACDF73235E3B73C1
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Frame ID: C0803780BC9A8D50BCDB1056E2B52F81
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js
Frame ID: 5CF7188863109A9B134F2B73AC346904
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js
Frame ID: C40AB2C3ADDF4DE7B790AFC329206C4A
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Frame ID: 0E8C0DD541A7D8FD69C788EDB8B7E865
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB1DE23DA700D44FEC1CD7F75A31F1AB
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: 3A3920DC8423ED721037D85EE1741A03
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A08C2986865521EF819DDADE71A1E46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BEA1EBDE4D63417969DE87932C55238E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 32B6381AE5A1DFCC0AAEE735E01CC9C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0E0EA61452DD5E1F7035B0BE75499B2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: A2E18E1C1F57E0C3C135352B229287D0
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: A66F54428FD0809F56E7F07EE41C4896
Requests: 3 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1685802950219-999425910858-001213-006-004277&key=80b0de72-807c-407a-b6e0-1c93a424de24&gdpr_consent=null&gdpr=1
Frame ID: 7FA6A8279CDB6485C985E672EF78F5B5
Requests: 1 HTTP requests in this frame

Frame: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1685802950219-999425910858-001213-006-004277&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%24%7BUID%7D
Frame ID: 67EBE6AC0D56C1A3B95F9D9077055C09
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D
Frame ID: F3EA10DF0927138D2B2652D7B65F2A4B
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1685802950219-999425910858-001213-006-004277&key=rYaKZUw3jXHf&ev=1&us_privacy=1---&pid=562704
Frame ID: 8DD026D6B50A7E65CE11A03394E67421
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: FA40CDF4ABC897679A39EB277C58B84C
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1685802950219-999425910858-001213-006-004277&key=OPTOUT
Frame ID: B96FAC0D0B683A081663054622FBA5C4
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a6b584709255e1ae30f947902540b5f&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 3888498B532663CDABB62E7A81C908B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 01C163FA7F4879430AE2D61BDF2E20F9
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1685802950219-999425910858-001213-006-004277&key=a6f37f0123013099a595be2217fc435a
Frame ID: 1F88A64848434691AEDB281DC752509E
Requests: 5 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 1EE6A26802C02617A8FFBB1E1991E73C
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1685802950219-999425910858-001213-006-004277&key=5b0a48d5-ab14-4951-9b61-7c14d4ae47b7
Frame ID: F2C647FA9F4081FDC0EE840A08416344
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7dulPf_kLSgjHaFxqh9if_z5G5L5kp3tsHcv9DX575PBXTHNqJIcL1e9hDq4MfLgS0-LEN6HDXVQ2wUIjigt_wvKKFZG8bDBGNyZ7YzkslyjHyjKXyMFsGRt5MEXLZbv30sgssd1KOBTjKkTvF2l59EYVIf-HmhDa_OH7Cn_nH0xMUi-XOQx3TxLXwV0dmPOzBhclxfDhBFprFTfZYQBeF4L2PETyYDINvgcnqad3kk2Mj8Uebn3S_sjSd6lXiIZmuxXnk1opwpMuQ_FuLzHdt3bP_AIN3fnOz3UfrPYSpU3Wmp9Ij17JJtppibOE6czJOWnMHRKlUA&sai=AMfl-YRsVf_ulqDsj7xfU21L74HUETQKgcsrYiTG22BSWuZpDaDuEWxrJC6vsvO1vcPjCOpb7g8LHcL9bFuQzgywkaDvAtML3Iu6BKyRQCKofJr_LMA0b61E6KESZzsQfBU&sig=Cg0ArKJSzBHL9TWbELcfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 77D0085105F3AD5E43B50811B4B2F1FA
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=1&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Frame ID: 55A9EE6239DD76EE36DAFD8F1B25CD38
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shoot-yalla.to
Frame ID: EE19BA2BA73553732F326F88266B49BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manchester City Vs Manchester Utd - England : FA Cup - 2023-06-03 | Yalla Shoot Live

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

304
Requests

95 %
HTTPS

44 %
IPv6

58
Domains

87
Subdomains

73
IPs

9
Countries

8573 kB
Transfer

18145 kB
Size

37
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.adipolo.com/

Search URL Search Domain Scan URL

URL: https://lives.shoot-yalla.tv/%3E%20%20%20Yalla%20Shoot%3C/a%3E%3C/li%3E%20%3Cli%20%20class=

Search URL Search Domain Scan URL

URL: https://yacine-tv.live/
Title: ياسين تيفي Yacine TV

Search URL Search Domain Scan URL

URL: https://hesgoal-tv.io/
Title: Hesgoal

Search URL Search Domain Scan URL

URL: https://live-kora.tv/
Title: kora live - كورة لايف

Search URL Search Domain Scan URL

URL: https://yalla-shoots.to/
Title: Yalla Shoot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://gum.criteo.com/sid/json?origin=publishertagids&domain=shoot-yalla.to&sn=ChromeSyncframe&so=0&topUrl=shoot-yalla.to&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=o1OJfHxxaHd4cjhsbkQwOTB6d1QvTVhENXBYM3BtbCtieWRMdVQxTnh0S2cySDM3dW9rQ3RwclhYalZZTXJuL1ZoL0grTC9FL3JJbFFBV1JoOXFtLzVuSzJuVTdSc3djL2RNbDBKWnY4czVIQVR4TmFjVkNaMHBpTGtMd1c0TXZOTkR3amRLMFJXU1dKczU2U0VoeWhZTU0ySmpPY2xXYitFRW9MWkhiKzBRVDRhVC9uTjE2THRTblZjRmtMdWM2Ukx0VWIvTEZMc1JiZHo5b21aai9ZVW1NeS93MGJEVjJkeVcxSDJ5dFErNHFUT1Z1SU9GUG84WGxuZEE0RWRmOW5Bc2NuNHRxNUZXcWtYNTVKUzk3dWo1VVJ0UT09fA&cppv=2

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA1OW6KhDEExjEEzII5sikwV9UQUQ HTTP 301
https://tpc.googlesyndication.com/simgad/16323034589907184376

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 213

https://px.owneriq.net/ecmg?google_gid=CAESEDS1gxq4fOtk25sE1ouj-WA&google_cver=1&google_push=ATf1kGPg6SumhhIlqglTLMTnnK2sOJJI79_2_NstEjEnyEP5dn4excw7pOx4pYrYbJVJfuMs1ECCKC5hgRAc6tS730Nd43BEkMD5UA HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 214

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHtP7IZ00jr22kBVEyx28jY&google_cver=1&google_push=ATf1kGMqzBAKXKcLFIuJFlR7RGi6n0UrKt0ZcqiBKvy1JE-rGki5BGEp5lj0TzymEPbnsXINF3DN9ncJWBYws6M0WFtPQCt1h4ky5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMqzBAKXKcLFIuJFlR7RGi6n0UrKt0ZcqiBKvy1JE-rGki5BGEp5lj0TzymEPbnsXINF3DN9ncJWBYws6M0WFtPQCt1h4ky5Q

Request Chain 215

https://aep.mxptint.net/sn.ashx?google_gid=CAESENPSM78MDOR4USFqdNrSh3o&google_cver=1&google_push=ATf1kGMmfQQ0wBK6U6Ztgc6QEugpgfIk3_QQh_CpOOQ814FAyvv294FJCN1qS5kaxXG1KN4VDVtz1uhwAi6pCiV5mhEEaEHMhTOvfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMmfQQ0wBK6U6Ztgc6QEugpgfIk3_QQh_CpOOQ814FAyvv294FJCN1qS5kaxXG1KN4VDVtz1uhwAi6pCiV5mhEEaEHMhTOvfQ&google_hm=UjMzNjQ3XzEwM0IxNjMxNF80MzY1NzUxRg%3D%3D

Request Chain 216

https://fksnk.com/cs/google?google_gid=CAESECP30HmjmUQleZ4L68-rzFY&google_cver=1&google_push=ATf1kGOalERE3Knt-RAruePx5jbSj-nIXFY4oc9QCNMczGf7QBrBY2kf-rk2RUs7MHjq07jjQiCAgjGGXGCLwSUabe5LAC_aTiFcvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjgzMUI3MjAwN0Q4MzhFOA==

Request Chain 217

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGyvbUbUxZoXPrFjzmSBgBc&google_cver=1&google_push=ATf1kGP79r5Vb9r0cEgecRMV69w2T2ETKHotqnvmwn0lorA28YpyyMs5BkK1hIfViuJCfAJJSvbf4tiwIKY685I1ir0VvojrZ--4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP79r5Vb9r0cEgecRMV69w2T2ETKHotqnvmwn0lorA28YpyyMs5BkK1hIfViuJCfAJJSvbf4tiwIKY685I1ir0VvojrZ--4&google_hm=eS1Pc3FrNUs1RTJwSFdjdzY4aWpFaklCcWt4a2NmYkYyU35B

Request Chain 218

https://s.uuidksinc.net/match/47/?remote_uid=CAESEMfybMsX1WOhfvXjDM2i_sE&c_param1=ATf1kGPI6btrDjgsnQLlXlygIrpsIydq3kO3uOYzb7OuaWKZ7jlnx9AikCKWmiWe8WQWxduzSrSb-UkZlIfbqoo0j03YIm_tGmYncw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPI6btrDjgsnQLlXlygIrpsIydq3kO3uOYzb7OuaWKZ7jlnx9AikCKWmiWe8WQWxduzSrSb-UkZlIfbqoo0j03YIm_tGmYncw

Request Chain 219

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBM-K8pQFPd68kyG5uUA6-I&google_cver=1&google_push=ATf1kGMYi0Wmm9k_mNWKURGvFl4QHNtS8WLGNyT-H4dzuixjRJpX4i25e-Nl6yLKxegbtO6o5rLhY5zvAuEyplRuP2aAkZjjOQY-Zg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYi0Wmm9k_mNWKURGvFl4QHNtS8WLGNyT-H4dzuixjRJpX4i25e-Nl6yLKxegbtO6o5rLhY5zvAuEyplRuP2aAkZjjOQY-Zg

Request Chain 263

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 264

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7Bdevice_id%7D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1685802950219-999425910858-001213-006-004277&key=80b0de72-807c-407a-b6e0-1c93a424de24&gdpr_consent=null&gdpr=1

Request Chain 267

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1685802950219-999425910858-001213-006-004277&key=rYaKZUw3jXHf&ev=1&us_privacy=1---&pid=562704

Request Chain 269

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1685802950219-999425910858-001213-006-004277&key=OPTOUT

Request Chain 270

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a6b584709255e1ae30f947902540b5f&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 274

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1685802950219-999425910858-001213-006-004277&key=5b0a48d5-ab14-4951-9b61-7c14d4ae47b7

Request Chain 305

https://gum.criteo.com/sid/json?origin=publishertag&domain=shoot-yalla.to&sn=ChromeSyncframe&so=3&topUrl=shoot-yalla.to&bundle=0O6-4l9zS3J5U2dxTWNWcUlVcDA3S1R5ZW4zWmNqNEpVMEhFamoySTZYRCUyQkl4ZWdyRTZ5R1dyelFxdzdmeW5XMnRuaVJmNU1RVlBnUHh1YTdmQnVjYzFhNHQ4M3JrYUlWN1FZU1JFakt3OEVYNEFGdFQxYkZkNHNpcVpGZXNPJTJGY3AlMkJoN3BoWCUyRnYxNlBvOGdZc2xUYlFYaE1EZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=9pnBbXxMVmpPRkhhUGFVZXZYVzc2eUlkTUU1dHpDQXVSK05WR1VmS0FkNTE3Z1dLd0pMdDRZOTRQWTJlamVDY1ZoYTFqbWtJT0ptWlZEcTlkZVV3SnNCU0tER2FFMWoveDg5VFljODRvbHp1ZGxyazBiWVUzcUpCNlRvdEZWWHdDbXZPNjVPekwxWEp3Y0NYNEk1MjBWRzVkZkNFbmVsTDNlaXF3TytoN3NnalZ1WDVLMFRrWHlkOHNqcGJjYWZpcDFKWnZkc25UNm0zV2plS3FxWmowNXdpTWpzRVNmMGgrcS9Ebmw5SGRyMUFtSUlqK3BFejkvR2I5c2pDUk5vZkNWK2V5WkEzZzlKRjFtVEFYdE9FTktyRnR2ZHZHTTBnSVhETlZzNWxqMVlJbUdSQT18&cppv=2

304 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/ 204 KB
62 KB 114ms
60ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36644be5918f6c1dcf78dd9446e26ae9e88f7376ec53b8c9afd6a9255c87666f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 7d18aa2219883a54-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 14:35:46 GMT
expires: Sat, 03 Jun 2023 14:36:46 GMT
last-modified: Sat, 03 Jun 2023 14:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFZ5L5JvhCpBdzPdpy%2FPSf2%2B3bfrul2uBdH72uEEFKGkIxiKLjMNG4NJbJfhAom9kQNgW1WrmkFTngvDdCANBnPRNi%2B3k9sUYliuUj6ytXa9gk8kSVU1r2WOHdQgJ0yidA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 standing.css
shoot-yalla.to/assets/css/ 8 KB
2 KB 34ms
33ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/css/standing.css?t=1685802937

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ad92bb2e47d63ce3250b038f2c017eacfb824a3dd8def98d2c4df41bdfa82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 25 Sep 2022 18:04:40 GMT
server: cloudflare
etag: W/"63309838-1f55"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rBQtG0PBk98FoapW0JsuAbE2tSb9%2BYpcQrFkWs1lqb7cuhb5l1YTdfKV84kebTMeItYL4DA4F273gMlzUfETBKS0SSNJmr%2B2JWXQLN9fA6myDrcbOZCoQs9vAu%2F%2BGLMoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7d18aa229a523a54-FRA
expires: Mon, 03 Jul 2023 14:35:41 GMT

GET
H2 200 shoot-yalla.tohead.js Show response
jscdn.greeter.me/ 8 KB
8 KB 54ms
16ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/shoot-yalla.tohead.js

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

714e12f6093f5ffbf0c50cfb2051c9c85b86e0bde08696b8d7763881da70dd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Apr 2023 10:33:58 GMT
x-amz-request-id: tx0000000000000b51cc773-00647b42d6-9733ce3a-fra1b
etag: "3263dc2933663b7a5fb0b0bf8d4b9327"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1685802946.dop206.am5.t,1685802946.cds322.am5.hn,1685802947.cds219.am5.c
content-type: text/javascript
cache-control: max-age=291
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8286

GET
H2 200 shoot-yalla.todynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 17ms
15ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/shoot-yalla.todynamic.js

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Apr 2023 10:33:57 GMT
x-amz-request-id: tx0000000000000b536be55-00647b42d6-97329064-fra1b
etag: "c0b8448b11470e49820a20a657851cc2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1685802947.dop206.am5.t,1685802947.cds322.am5.hn,1685802947.cds323.am5.c
content-type: text/javascript
cache-control: max-age=291
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7961

GET
H2 200 A-letterbigger_Savir.png
jscdn.greeter.me/ 945 B
1 KB 21ms
19ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jscdn.greeter.me/A-letterbigger_Savir.png

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id: tx0000000000000b2ab3997-00647b4e63-97671145-fra1b
etag: "f07519ec5fbc46385f386b577e6e2a1d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1685802947.dop206.am5.t,1685802947.cds322.am5.hn,1685802947.cds320.am5.c
content-type: image/png
cache-control: max-age=3248
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 945

GET
H3 200 logo.png
shoot-yalla.to/assets/images/ 161 KB
162 KB 29ms
27ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shoot-yalla.to/assets/images/logo.png

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817504c104c8071a04f168dcc245705cb9641f44d97b2692ae5abe5e011c02e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 717462
alt-svc: h3=":443"; ma=86400
content-length: 165227
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 25 Sep 2022 11:00:01 GMT
server: cloudflare
etag: "633034b1-2856b"
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJm%2BqnnQiSjJOexyhg1fsMMbR9l0c3tRLoXHNDTFXkuzlr92HL%2BlswP7%2BNtzZsVrkvM619VkY55WHj5XV3PjLTdKoPGWDnPJzYv4S0YLAoE4V0BuUzCxcivnUFWQPoJ%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7d18aa22e88a35ed-FRA
expires: Sun, 25 Jun 2023 07:18:05 GMT

GET
H2 200 magnetsspads.min.js Show response
mediation.magnetssp.com/bpads/js/ 11 KB
4 KB 129ms
66ms Script
application/javascript 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad

Request headers

Referer: https://shoot-yalla.to/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: https://shoot-yalla.to
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: 00LCRxxUkhsky0xOGDE9wxf7QfnXJ3OZ6EfCiAvBGHiz7PtC0Im9-Q==

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 29 KB
8 KB 96ms
20ms Script
text/javascript 2a02:26f0:480:25::1726:6216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=64295823302f184a0404d414&AV_PUBLISHERID=641ff5a9b9dfa3debc05c057
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4fcfd877c2a809fc0aeb6cc604b9105e36b8649f39b30ec9e949baf1a1f96073

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Sat, 03 Jun 2023 14:35:47 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7165
Expires: Sat, 03 Jun 2023 14:40:47 GMT

GET
H2 403 matche
dalbouh.xyz/api/ 0
0 171ms
117ms Script
text/html 104.21.233.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dalbouh.xyz/api/matche?t=1685802937
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.233.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 lazyload.js Show response
shoot-yalla.to/assets/themes/yalla-shoot/js/ 7 KB
3 KB 80ms
78ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/themes/yalla-shoot/js/lazyload.js

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12205
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 23 Jul 2022 01:24:16 GMT
server: cloudflare
etag: W/"62db4dc0-1c51"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0wXbranVfUDaIbAddWUntKcfluh9l4lVaz0XSjWoFVNo5K0Sgcj1M0E6BDogu4ARcp%2Br5wf25o3Ey%2FtpXWQRkVwhPSU%2Bu77i0Ode4lsIInrnd9HSo2A8aM%2B30Ldhx3Rdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7d18aa22e88835ed-FRA
expires: Mon, 03 Jul 2023 11:12:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
48 KB 88ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf6150148066aa12553cd29bca535fe9a73ddde5e6a893c78effd44a88f59eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48391
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 14:35:47 GMT

POST
H3 200 key.php Show response
shoot-yalla.to/ 166 B
674 B 63ms
62ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/key.php?kt=1685802947

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843c6fe8889fd9dbb2e2dc7efcf505c0132b0496f388c83f4f3c358c4baa3d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BUdaD1nXeUnzOw3mHjKGmqQV6jXr2OJAntaIsjeYlWp2MhksiYCvD5kyUnQSJnWc8eQb1zD1n8MwhlEThThugZRBrsXrjdcpvOn9T%2F80NYYqMCKpR19EJHh34my2iqNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=60
cf-ray: 7d18aa2348f335ed-FRA
expires: Sat, 03 Jun 2023 14:36:47 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 Montserrat-SemiBold.ttf
shoot-yalla.to/assets/fonts/ 188 KB
188 KB 62ms
61ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26efb0dcc5b153bb38c8600fe0e5c3ed3ee2c8be163e73d30fd99ad691cf010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11632
alt-svc: h3=":443"; ma=86400
content-length: 192268
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 23 Aug 2022 01:16:56 GMT
server: cloudflare
etag: "63042a88-2ef0c"
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzhaFWAI4DnlF6SuX4l%2BQAJWya35bidPp%2Fl2HwrPp%2B8FaxbUQeHyfWlL6OnbPmsUHtbvxX737hkURHjPgYeWy8YMvLVEATSMwEQ6d7sT8ry4GH23NL2uHPjXQl7NnV2Spw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7d18aa2348f435ed-FRA
expires: Mon, 03 Jul 2023 11:21:55 GMT

GET
H2 200 1556300905.png
web-api.scorarab.com/uploads/team/ 10 KB
10 KB 103ms
28ms Image
image/png 172.64.99.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556300905.png

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.99.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c2eff0912218a5261694f033b9b751b724934711d08a9221107c227912c438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029743
alt-svc: h3=":443"; ma=86400
content-length: 10013
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-271d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeL%2FjyzKSksGqcf%2FjHa1o55URX6WIHWZ9amXcON70jr7Ozx%2BkXVoHtBnmBV1BMogYr7lhxuSH4fbHNWHmejniJcu%2BQ94TgfBKj2%2Bi9EZpDFtUSganQDuBYgapWeSmHwqp%2FR06%2B7PDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7d18aa23dafe3a61-FRA
expires: Wed, 21 Jun 2023 16:33:24 GMT

GET
H2 200 1556300891.png
web-api.scorarab.com/uploads/team/ 10 KB
10 KB 105ms
30ms Image
image/png 172.64.99.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556300891.png

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.99.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3011a7d71e7124007ebb0d7bb4918b3da48d2d0e2a09f4a4ba53c5fc561b3fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 187253
alt-svc: h3=":443"; ma=86400
content-length: 10273
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-2821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSBiAlbUWGQdbAoXyGn%2F3UQyqQs5%2FmG3bAbKTJVRMeTi8R6S5frG99E42XauR2SjLKFXFn2jz%2FvrFvIXQe9kIXS8%2FgXyUEogCtGgf3NC1BZy6nFDTnX2wtCMxnuVQgX5zoFWq%2FXtjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7d18aa23db003a61-FRA
expires: Sat, 01 Jul 2023 10:34:54 GMT

GET
H2 200 hb_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/468278/ 922 B
770 B 76ms
28ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/468278/hb_744327_17687.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: db9725a00f53ca2f3a4140f8cfda2bf9e4dfb7118d1dcf68306fb778469ed729

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 14:08:32 GMT
server: nginx
etag: W/"6478a660-39a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 03 Jun 2023 15:35:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 160ms
94ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3f86fd3b03ce3365607ab108fe0e71bd4d50735257a8586ab299b147a3bdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25285
x-xss-protection: 0
server: cafe
etag: 670 / 19511 / m202305300101 / config-hash: 2362657388836249790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H2 200 wrapper_hb_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/468278/ 2 KB
1 KB 77ms
29ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/468278/wrapper_hb_744327_17687.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81452d24bcf9cdb24414c005acd0240e96c555fd1b7daef16d68c5ca83eac9ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 14:08:32 GMT
server: nginx
etag: W/"6478a660-703"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 03 Jun 2023 15:35:47 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
25 KB 150ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2319a986fc47aea041154b6b0d28e5440623d9643a32828621630bbe9fc654e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25285
x-xss-protection: 0
server: cafe
etag: 946 / 19511 / m202305300101 / config-hash: 2362657388836249790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 84ms
25ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8561124
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hR0D8LWJM%2BCfYEYTqyb5cZ%2Bsi05aINAD4IgFs7EK1vFFiHx1JbJuyFEnGAoxVqtQnqiwckDXakADDxKm%2F0cBKJ7ykKgYA1hplgs1sRTSfwvL5mrqKRmwOjbfoLgsTkCVbi8PwkxXicbi%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d18aa23d8bc18ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7068

GET
H3 200 frame.php Show response
shoot-yalla.to/ Frame 5EA9 198 KB
73 KB 50ms
50ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/frame.php?ch=b1eng_1&p=7&token=NmY3NDc1NzU2ZDZhNjU3ODZjNmE2NTM1NmY3MzM0Nzg2ZTc0NjI3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1685802947

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457e009eeefaf6f961927bae4bed0b1479dae044e139f48e6b5414d8ed3a2afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 7d18aa23f9bc35ed-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 14:35:47 GMT
expires: Sat, 03 Jun 2023 14:36:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZs1%2BNRproNtJGy8kbwZhN0aChh1y0vaX%2FBpKwPw2fYUQYvfhKGuFqPOd%2Blm2R5Requ51n0OdUQJ7xEj%2BV9Xqjx%2B8WTyt7cb%2BImXk5Z9i5U01pH%2BUbk0NCxFnYZClfWwew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 118ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0679f75a292e9dcaa14c8ada81c2a8c7d23bc2a1873b8652cf9f223976f3d9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47529
x-xss-protection: 0
server: cafe
etag: 15154611991962393259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H2 200 page Show response
mediation.magnetssp.com/bpads/ Frame 9BE3 2 KB
2 KB 115ms
61ms Document
text/html 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 13a61b12408327433a8040b4305698dcf59674b9a6d86d32fbf82b19d9772ead

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
content-encoding: gzip
content-language: nl-NL
content-type: text/html;charset=UTF-8
date: Sat, 03 Jun 2023 14:35:47 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-id: s7uLOcST2f768E9vOkANAKIMwO64-oUqICDuPbNF2dUU_m5X17yTwQ==
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 148ms
93ms Image
image/jpeg 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d25000&request_id=G3CN3k2IBVPaQq-EJxSsBY3XvLLpEgYT&client_ts=1685802947185&os=&lan=en-US&sdk_version=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&events=%5B%7B%22idf%22%3A%22D5HN4d1O7VNZTq-XbcXUgrPxJt0gNtC%22%2C%22gen_ts%22%3A1685802947185%2C%22evt_id%22%3A%22MAG_FIRST_OPEN%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22OPEN%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: QOYSfXVdw_sbPERTPdAtrAD5fVMb7Wg6fCwEXkFYaVq3LsS5rwYEzg==

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 119ms
65ms Image
image/jpeg 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d25000&request_id=D0GN5h4I8TJZTs-oRNwanjYoeLPdrx19&client_ts=1685802947186&os=&lan=en-US&sdk_version=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&events=%5B%7B%22idf%22%3A%22G0GN2f3N6QKaQs-QPG0c1nHfDre37QVB%22%2C%22gen_ts%22%3A1685802947186%2C%22evt_id%22%3A%22MAG_SDK_START%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22START%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:55 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: QG_DjGeAmqaTVaoRDgShyEydZE-ZjnQFOtOfT8JYQ8kwNLbqtgnOKw==

GET
H2 200 hbp_master_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 348 KB
111 KB 22ms
21ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_744327_17687.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468278/hb_744327_17687.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9d00c29c4b56c0d9987fbf7e4ef49fc1667bf37996ee3c1151b119f6350abeb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 12:49:12 GMT
server: nginx
etag: W/"64774248-56e5f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 03 Jun 2023 15:35:47 GMT

GET
H2 200 hbw_master_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/XGjPQ/ 95 KB
32 KB 45ms
45ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/XGjPQ/hbw_master_744327_17687.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468278/wrapper_hb_744327_17687.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: fc663fb44a1d85824a7c413c91e26dc204f6c021c4a65b1d70db1fca5117149f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 14:08:32 GMT
server: nginx
etag: W/"6478a660-17c30"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 03 Jun 2023 15:35:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-42B0FRBVLM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ae090d8f423b6393aa46fa54cb5d6ba836e454bfc2872955448a9d5ab9ee55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 14:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 20
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 16:35:27 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame 5EA9 470 KB
131 KB 56ms
13ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/frame.php?ch=b1eng_1&p=7&token=NmY3NDc1NzU2ZDZhNjU3ODZjNmE2NTM1NmY3MzM0Nzg2ZTc0NjI3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1685802947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3332834
x-jsd-version: 0.4.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 133477
x-served-by: cache-fra-eddf8230102-FRA, cache-ams21022-AMS
x-jsd-version-type: version
etag: W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 5EA9 30 KB
11 KB 83ms
41ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 17911
x-jsd-version: 0.3.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10804
x-served-by: cache-fra-eddf8230055-FRA, cache-ams21022-AMS
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 p2p-engine.min.js Show response
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 5EA9 171 KB
54 KB 79ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b2df3739ad9771d92073eb7be78b4e199acaf8ca2c94eba90d21050e886edf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13942
x-jsd-version: 2.7.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55358
x-served-by: cache-fra-eddf8230112-FRA, cache-ams21022-AMS
x-jsd-version-type: version
etag: W/"2adee-0UMfrblaUyfvjCeL8Inik5i7fxE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clappr-p2p-plugin.min.js Show response
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 5EA9 3 KB
1 KB 79ms
37ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6567
x-jsd-version: 2.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1198
x-served-by: cache-fra-eddf8230036-FRA, cache-ams21022-AMS
x-jsd-version-type: version
etag: W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/ 408 KB
126 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

325be98d467be29fd7b3d1c36f2e137806b171ca7d73ef3b535e198ec0bd1dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 14:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86077
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128806
x-xss-protection: 0
server: cafe
etag: 8074574313080668351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Jun 2024 14:41:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
497 B 94ms
54ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shoot-yalla.to

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d831e121563f442bb2f84909f710a0c9cc68a17ea5a9ab8abb31dec500e7dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
x-xss-protection: 0
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 149 B
419 B 71ms
19ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/XGjPQ/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 71e4178f36fc1a4d07fd743fc253bc0bd962cf38c01f244d417a7a7db548cfa5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:46 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://shoot-yalla.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 149

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
433 B 72ms
19ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=744327&site_id=17687&pbjsv=v7.37.1&full_page_url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&adid=g3jr37.94&features=81952&vpbv=N148&tte=205&lifecycle_tte=471
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/XGjPQ/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:46 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://shoot-yalla.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 49ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-42B0FRBVLM&gtm=45je35v0&_p=62401647&cid=1471861602.1685802947&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685802947&sct=1&seg=0&dl=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&dt=Manchester%20City%20Vs%20Manchester%20Utd%20-%20England%20%3A%20FA%20Cup%20-%202023-06-03%20%7C%20Yalla%20Shoot%20Live&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-42B0FRBVLM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page-XCXWEUPF.min.js Show response
mediation.magnetssp.com/dist/bpads/js/ Frame 9BE3 14 KB
5 KB 95ms
95ms Script
application/javascript 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:02 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: yqbfYoLpmGRQNiDvd9qPWyjQVd75CP_s28PfmwcgPxAnAOb3T-nLWg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 28ms
27ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=62401647&t=pageview&_s=1&dl=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&ul=en-us&de=UTF-8&dt=Manchester%20City%20Vs%20Manchester%20Utd%20-%20England%20%3A%20FA%20Cup%20-%202023-06-03%20%7C%20Yalla%20Shoot%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=957173623&gjid=1667994550&cid=1471861602.1685802947&tid=UA-153122498-1&_gid=31062689.1685802947&_r=1&gtm=457e35v0&jsscut=1&z=882068759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ 351 KB
118 KB 125ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=shoot-yalla.to&bust=31075004

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cb8fe3428f28ae4159cb5952b9272e9bc7fc19751ef125754a426016dd4d595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120640
x-xss-protection: 0
server: cafe
etag: 3852381346881083829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 0FEA 10 KB
5 KB 67ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 13:00:21 GMT
etag: 15057649708203361565
expires: Sat, 17 Jun 2023 13:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 48ms
12ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_744327_17687.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3ac1c955ce288d74dc40d6eea69a1345592ea01c75f2070316559097bb31383

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

expires: Mon, 05 Jun 2023 14:35:47 GMT
date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
last-modified: Fri, 02 Jun 2023 12:02:19 GMT
server: nginx
etag: W/"6479da4b-2aca"
content-type: application/json
access-control-allow-origin: https://shoot-yalla.to
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 75ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 100ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
564 B 15ms
13ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11775
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21022-AMS
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 48ms
13ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:40:24 GMT
via: 1.1 google
age: 3323
x-guploader-uploadid: ADPycdvsLFhJ4mFGCoHFp65VOVKC6qNeZ6BKYRJoJPojzAxMaEjrhwSp9p6-v7j0n-f7KO0OZiibwpk-cpuiCAj9Y2sOkfPmHHw6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 03 Jun 2023 14:40:24 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 78ms
23ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 20:50:11 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 63937
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: yezAB6Ky5R5wvOtWn4S-fEMoev9V2jnGLtHUA0cEt0fOiSzg5Hyx5Q==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 83ms
27ms Script
text/javascript 2600:9000:225b:3a00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:3a00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 05:58:55 GMT
Via: 1.1 8ebebe66cc8de626ee8e15b2ee72d826.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 31013
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 8dme2q6obo35gi2x_XFte4S9MtSk0veC7dfpTKUfROKA4XHahwNOzQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 70ms
28ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: QNZFRY7R9FJXK93W
age: 704
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d18aa269844bbd3-FRA
x-amz-id-2: KKDhfGIrvMmWhKAufCzBC/nz7h+uhfzoYa3jYlHOyQKecIUrTE2oMNZPuo/P7zreNiWhD3nwINo=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 54ms
22ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Jun 2023 14:35:47 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 572 B
320 B 517ms
515ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=3049966149503344&eid=31074949%2C31073558%2C31070232&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&adks=3191345388&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685802947569&lmt=1685802937&dlt=1685802946953&idt=484&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=1600x2939&msz=1600x0&fws=0&ohw=0&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpp76NiDFIAFICCGQSGQoKcHViY2lkLm9yZxjpp76NiDFIAFICCGQSFwoIcnRiaG91c2UY6ae-jYgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOmnvo2IMUgAUgIIZBIZCgp1aWRhcGkuY29tGOmnvo2IMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

282e493dc5665d3887970b630b1b1ebaef34757cb967d2cdc2d4c1ff71ec310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
16 KB 422ms
420ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=498141213462368&eid=31074949%2C31073558%2C31070232&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=3&adks=2936496661&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685802947577&lmt=1685802937&dlt=1685802946953&idt=484&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpp76NiDFIAFICCGQSGQoKcHViY2lkLm9yZxjpp76NiDFIAFICCGQSFwoIcnRiaG91c2UY6ae-jYgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOmnvo2IMUgAUgIIZBIZCgp1aWRhcGkuY29tGOmnvo2IMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6f92628b06ad79f2b8b8f3ac4740c3b5ff9295c412d7b86b1710648c72a187a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15882
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
37 KB 541ms
540ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=1038393995763407&eid=31074949%2C31073558%2C31070232&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=4&adks=3826710058&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685802947583&lmt=1685802937&dlt=1685802946953&idt=484&adxs=250&adys=314&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=1100x2355&msz=1100x0&fws=0&ohw=0&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpp76NiDFIAFICCGQSGQoKcHViY2lkLm9yZxjpp76NiDFIAFICCGQSFwoIcnRiaG91c2UY6ae-jYgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOmnvo2IMUgAUgIIZBIZCgp1aWRhcGkuY29tGOmnvo2IMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da8b56f178a5cd1feb39c9de26ca7b7e0a4fe07f1b7ca324fc2cfebe27a9d16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37960
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
16 KB 515ms
514ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=2124118690198357&eid=31074949%2C31073558%2C31070232&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=5&adks=2134278334&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685802947587&lmt=1685802937&dlt=1685802946953&idt=484&adxs=250&adys=548&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=1100x815&msz=1100x0&fws=0&ohw=0&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpp76NiDFIAFICCGQSGQoKcHViY2lkLm9yZxjpp76NiDFIAFICCGQSFwoIcnRiaG91c2UY6ae-jYgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOmnvo2IMUgAUgIIZBIZCgp1aWRhcGkuY29tGOmnvo2IMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f83653636b73b878ab64fa4873fb0258eed8b17fb7baed52242f67531f10386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16028
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
321 B 327ms
326ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=4486748718903586&eid=31074949%2C31073558%2C31070232&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=6&adks=1749980851&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685802947590&lmt=1685802937&dlt=1685802946953&idt=484&adxs=250&adys=1195&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=1100x2289&msz=1100x0&fws=0&ohw=0&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpp76NiDFIAFICCGQSGQoKcHViY2lkLm9yZxjpp76NiDFIAFICCGQSFwoIcnRiaG91c2UY6ae-jYgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOmnvo2IMUgAUgIIZBIZCgp1aWRhcGkuY29tGOmnvo2IMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aa13f14a45b870ac589b880d738fa2edbc9bc793934dd2ddfbf5731c3100bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 633 B
313 B 338ms
337ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=2388428629895236&eid=31074949%2C31073558%2C31070232&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=7&adks=1690059666&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685802947592&lmt=1685802937&dlt=1685802946953&idt=484&adxs=250&adys=2636&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=1100x1474&msz=1100x0&fws=0&ohw=0&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjpp76NiDFIAFICCGQSGQoKcHViY2lkLm9yZxjpp76NiDFIAFICCGQSFwoIcnRiaG91c2UY6ae-jYgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOmnvo2IMUgAUgIIZBIZCgp1aWRhcGkuY29tGOmnvo2IMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2412ea52d14fc60d1c55b9ee25087a89ce6786e865bb21341d7c79ad310ed6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9DD0 6 KB
3 KB 110ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:47 GMT
expires: Sun, 02 Jun 2024 14:35:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 mediation_configs Show response
mediation.magnetssp.com/json/ Frame 9BE3 557 B
1 KB 64ms
64ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_configs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: fa602dbac3c6503fbbb0f38c49a084f016960090e03b8c6e158c7f77a667198d

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: qp-yCQ_FKXZmmUg84CppkeEmGdAzlqt5DNw5WJuzl95-UaKKJpXyMQ==

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 159ms
44ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: efb8ec6d8932ffaab54c328356c0485614ce86b945880e0b5a33672773c5398b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:47 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:46 GMT
Server: nginx
ETag: "647b4fc2-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 56ms
23ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shoot-yalla.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shoot-yalla.to
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 03 Jun 2023 14:35:47 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: bfa8bf862196bab693277d65a0664425

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 265 B
359 B 35ms
31ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 3036b68787d2a396d213a010554b8fc15f036e87fc1069351893cdc4948c37ff

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 4537a822e7264a085c0bc829bcac5cc9
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6625 15 KB
6 KB 46ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=shoot-yalla.to

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 426742
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 82ms
22ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shoot-yalla.to
date: Sat, 03 Jun 2023 14:35:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
608 B 124ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shoot-yalla.to&callback=_gfp_s_&client=ca-pub-7731356227310930

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=shoot-yalla.to&bust=31075004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7a86f6dd04e0aa36786c8d4d418d19bd848c51634cc8d4d281a3427bfe29797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 33ms
30ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=id-custom_banner&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB29 76 B
265 B 191ms
190ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=1573534164&lmt=1685802937&plat=1%3A16777280%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947413&bpp=5&bdt=460&idt=263&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5866812604701&frm=20&pv=2&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075004%2C44788442&oid=2&pvsid=3552925523421010&tmod=2063129335&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:47 GMT
expires: Sat, 03 Jun 2023 14:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 109ms
34ms XHR
application/json 52.51.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.69.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-69-125.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ae86c739796aff1155e1b441a98aa5cd6c5e5b371b1efbaf4c768eeebd0fb461

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache
x-server: 10.45.13.208
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 9BE3 35 B
601 B 66ms
66ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: 9rii73ifIuqeqnwxJ7VMmoRAHxgAKWfqqzRpuBAxolB0gi_iEXrMlw==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 9BE3 35 B
600 B 60ms
59ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: LXSGAbZpMaLkYVhoCTu-otasz9uvXvnqremCPUkuv7D6VdE0TlA3EA==

GET
H2 200 afgegg Show response
www.boomplaygames.com/ Frame 0D6C 4 KB
2 KB 117ms
65ms Document
text/html 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/afgegg?at=1
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-language: nl-NL
content-type: text/html;charset=UTF-8
date: Sat, 03 Jun 2023 14:35:47 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-id: vQ8Ye4GE3PLPwfgYu8zUIuomZrIbccVppPZEmjylTwtfKRthfJZ95Q==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7832 106 KB
36 KB 431ms
430ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1685802937&rafmt=1&format=1200x280&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947708&bpp=2&bdt=754&idt=3&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5866812604701&frm=20&pv=1&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075004%2C44788442&oid=2&pvsid=3552925523421010&tmod=2063129335&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Oc17U0ADKj&p=https%3A//shoot-yalla.to&dtd=8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d1a1bd6e0090a11f2dfe2f5525c8789eacced226baaed150624e6f2db69dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:48 GMT
expires: Sat, 03 Jun 2023 14:35:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6625
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=shoot-yalla.to&sn=ChromeSyncframe&so=0&topUrl=shoot-yalla.to&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=o1OJfHxxaHd4cjhsbkQwOTB6d1QvTVhENXBYM3BtbCtieWRMdVQxTnh0S2cySDM3dW9rQ3RwclhYalZZTXJuL1ZoL0grTC9FL3JJbFFBV1JoOXFtLzVuSzJuVTdSc3djL2RNbDBKWnY4czVIQVR4TmFjVkNaMHBpTGtMd1...

425 B
654 B

76ms
24ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o1OJfHxxaHd4cjhsbkQwOTB6d1QvTVhENXBYM3BtbCtieWRMdVQxTnh0S2cySDM3dW9rQ3RwclhYalZZTXJuL1ZoL0grTC9FL3JJbFFBV1JoOXFtLzVuSzJuVTdSc3djL2RNbDBKWnY4czVIQVR4TmFjVkNaMHBpTGtMd1c0TXZOTkR3amRLMFJXU1dKczU2U0VoeWhZTU0ySmpPY2xXYitFRW9MWkhiKzBRVDRhVC9uTjE2THRTblZjRmtMdWM2Ukx0VWIvTEZMc1JiZHo5b21aai9ZVW1NeS93MGJEVjJkeVcxSDJ5dFErNHFUT1Z1SU9GUG84WGxuZEE0RWRmOW5Bc2NuNHRxNUZXcWtYNTVKUzk3dWo1VVJ0UT09fA&cppv=2

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

740f4e8bb1912ca917b9520bdf17018ff529b99a8137805bb8a95bc188ee3aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1672687
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=o1OJfHxxaHd4cjhsbkQwOTB6d1QvTVhENXBYM3BtbCtieWRMdVQxTnh0S2cySDM3dW9rQ3RwclhYalZZTXJuL1ZoL0grTC9FL3JJbFFBV1JoOXFtLzVuSzJuVTdSc3djL2RNbDBKWnY4czVIQVR4TmFjVkNaMHBpTGtMd1c0TXZOTkR3amRLMFJXU1dKczU2U0VoeWhZTU0ySmpPY2xXYitFRW9MWkhiKzBRVDRhVC9uTjE2THRTblZjRmtMdWM2Ukx0VWIvTEZMc1JiZHo5b21aai9ZVW1NeS93MGJEVjJkeVcxSDJ5dFErNHFUT1Z1SU9GUG84WGxuZEE0RWRmOW5Bc2NuNHRxNUZXcWtYNTVKUzk3dWo1VVJ0UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 366993
content-length: 0
expires: 0

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 45ms
44ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: efb8ec6d8932ffaab54c328356c0485614ce86b945880e0b5a33672773c5398b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:47 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:46 GMT
Server: nginx
ETag: "647b4fc2-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK b1eng_1-1410.key Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/keys/ Frame 5EA9 16 B
364 B 82ms
47ms XHR
application/octet-stream 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/keys/b1eng_1-1410.key
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 530e7ad6776b89145e16294e61659429e5e8060e628645a03590a35acdf132ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:47 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:39 GMT
Server: nginx
ETag: "647b4fbb-10"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 5EA9 178 B
334 B 80ms
22ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: b303ac68b221ba641e9ce908e31b49024646c00a597a199aa053c638f0a4597e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 03 Jun 2023 14:35:47 GMT
Content-Length: 178
Content-Type: application/json; charset=utf-8

GET
H2 200 index.min.css
www.boomplaygames.com/bp-game/egg/css/ Frame 0D6C 4 KB
2 KB 23ms
22ms Stylesheet
text/css 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/afgegg?at=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:49:30 GMT
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 17177
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Yuw4mFOA3gqNPsaNWpFqvJ16TsyeiP676f1Cwdw71-h-t2jZhtzWTQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0D6C 136 KB
46 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3557b74083ec1dce7a9b536c5338bcda128d890081bbe205aea536baf9a8a2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Origin: https://www.boomplaygames.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47333
x-xss-protection: 0
server: cafe
etag: 6829253366234707196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H2 200 bg.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 257 KB
258 KB 25ms
23ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/bg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:22:43 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 15184
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 263395
x-amz-cf-id: xn74Ans2B4jIkPggsTcx0IiU4RE3COYEA-y-F6i-8H4kOfDt7J_eYw==

GET
H2 200 icon_egg_close.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 44 KB
44 KB 84ms
83ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_close.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:08:23 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 41244
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44659
x-amz-cf-id: lktMNP_i0SWT7JQTgWkWMCfa9KQRHNmGuUCXHRsTLJfubdaM-t5WaQ==

GET
H2 200 hand.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 26 KB
26 KB 88ms
87ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/hand.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:23:55 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 15112
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 26692
x-amz-cf-id: 5lknLZkjcz4oGaxj0XMmyE9JH7H9pEawznKx6m5-9dmk_MKUbr6ycQ==

GET
H2 200 icon_egg_head.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 18 KB
18 KB 91ms
90ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_head.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:23:55 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 15112
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18136
x-amz-cf-id: W5tzwuFWVLvR8kknPqQw2cD5cyRj4esCi4SP_MolyyNJ1OzZ6hjYNA==

GET
H2 200 pic_light_1.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 58 KB
58 KB 93ms
92ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/pic_light_1.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 02:15:29 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 44418
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 59063
x-amz-cf-id: eMBJ5w6VzIWl--pnUNYp9gua02Ajqz0Di2t4CzPhA2_JC5GcskNp3w==

GET
H2 200 iPhone.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 14 KB
14 KB 103ms
102ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/iPhone.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:13:18 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40949
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14456
x-amz-cf-id: YUMXcOLXNfBlwulxVdlai4EoSG56PHcUEk-jgfURM_PT839bKOg8lw==

GET
H2 200 icon_open_egg.png
www.boomplaygames.com/bp-game/egg/img/ Frame 0D6C 44 KB
44 KB 104ms
103ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_open_egg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:18:52 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 19015
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44922
x-amz-cf-id: wH6k--awDfSgcdjW_rdf4TDOGNCqNsO8bpNRH2PUafcuk2kycH1jUw==

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ 87 KB
30 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/slotcar_library_fy2021.js?bust=31075004

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49e69b72e4ff80eddc746c53e41fcae0e95b44c95a8441c58ed39b188d16f467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30661
x-xss-protection: 0
server: cafe
etag: 11542103674402677877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:47 GMT

GET
H/1.1 200
OK b1eng_1-1415.ts Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 600 KB
601 KB 89ms
89ms Fetch
video/mp2t 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1-1415.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: eebd795fd8d2f0d6bde78e8f24d6c64f2015bd0deeb7720ebd26eb2dda86ac4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:47 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:28 GMT
Server: nginx
ETag: "647b4fb0-96170"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 614768

GET
BLOB 200
OK bda5ac95-ed45-4437-bb45-7ff3e1de8816
https://shoot-yalla.to/ Frame 5EA9 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://shoot-yalla.to/bda5ac95-ed45-4437-bb45-7ff3e1de8816
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length: 63763
Content-Type: text/javascript

POST
H2 200 channel Show response
us.hdtvcloud.com/v1/ Frame 5EA9 431 B
690 B 167ms
124ms Fetch
application/json 2606:4700:e6::ac40:cf21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.hdtvcloud.com/v1/channel
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f7f69e9d52e740efec3bcecf9031b2babe5f89e811121335596271f2070bed7

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9evkrvho2comtOIa%2Ft%2FxZr%2FQDwlRQ9%2F5sRv1CsGigIcpQRNB9QvNXC0ZS9kB1BaajDYBsvzGXMNLD6i7fc4R3Fkfq5rZavKWozY8M6o5tRuv5G5AXapL0%2FKUYWWKdR9FhQs8R0yqiBHrIY3RNDCC"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7d18aa28feff30e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 0D6C 351 KB
118 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=www.boomplaygames.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17bed7598d3ba13ee00afbe6eef78aac53e1741d45f2f4c6805afab5c02f5c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120658
x-xss-protection: 0
server: cafe
etag: 6040770368617842760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame 5030 222 KB
61 KB 81ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 02:30:17 GMT
age: 43531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 02:30:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 5030 15 KB
5 KB 116ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:33:48 GMT
age: 36120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 04:33:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 5030 94 KB
28 KB 120ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:02:30 GMT
age: 30798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:02:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 5030 5 KB
2 KB 126ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:37:49 GMT
age: 28679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:37:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 5030 40 KB
13 KB 126ms
64ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 21:30:23 GMT
age: 61525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 21:30:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5030 4 KB
1 KB 82ms
27ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 13:31:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5030 4 KB
728 B 83ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 12:57:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5030 2 KB
3 KB 77ms
25ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 57095
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jun 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5030 295 B
665 B 71ms
20ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 14344
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Jun 2023 10:36:44 GMT

GET
H2 200 854131566927864317
s0.2mdn.net/simgad/ Frame 5030 171 KB
172 KB 72ms
19ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/854131566927864317

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2df3eeeb8525890c99cfe6ba3159e956ca67d0bf4b49329d1451f5fc5c9d91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:27:55 GMT
x-content-type-options: nosniff
age: 7673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175152
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:12:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 12:27:55 GMT

GET
H2 200 15303507495183615455
s0.2mdn.net/simgad/ Frame 5030 4 KB
4 KB 132ms
79ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15303507495183615455

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a50da05eb3795f33bbdb180412988137805c3bdf5ff1469ae29cb681abf7972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:03:43 GMT
x-content-type-options: nosniff
age: 577925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3841
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:12:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 22:03:43 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 5030 42 B
66 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUQJlNQasedCL9pItRolW_3tWjOXOzJeY8CVAJwKjdM1T0hXEFfUh04u9Ukv3NhrWpr3ML_NpGRQ0A_WfJvkKinN9l89lXa7CO4FceG21GnXTSLYcLsSfleGsEZD0S_WVVJIRxcYhAif5SYYIvqLWH84ozjQ&dbm_d=AKAmf-BbR-XSxE6-JE279_fK22XK-4Ab-JX3mBlWrsufJ3z1BCD1n4LO5PGQY_OohCVJmr10jB07nME-XXFIuOKCaeUtHja5j6eF4YVz60gk-F0KdRWGjEt5f_5TXd0E-czBpGH-SRbUt0cNxcNqHNI1YWW1zLNZQKIJqyrTWelMlPhs8tSsaeXYE0IODviD12e5tpQyJYuWIghURymYvH9O0PTgMl10S9yUx8wtPWWWvVONxAbKWIiQaHnWGuITLElhmmwK2x4FaLGZNX7HmBrVByqPYXDQOPEef3OEyqroWI0zh6mStS64pgB-xmSm3FpwWXhPgoAGcGEWxzqzqXhpbQBWstQhMZhknhWmjjosU-1eQODMTAaTwfWrXk6M0XGtAwXpvVyK8KkgsayhBBfExRNiCZaYzTspprwa-1a67H5gfYUYujtiz8blcTSJZmsgG5JnCs_Qq8yB3dhRS24VcBYWr6x_OT1TE0GVokUkO9rKp3bzXQ1C0vxeEaaALxztfbKz7Ft8S6zee0IeHerYkcNNQpcsa4VO07NZhAHRzu28m6ChuUDW8-i7vU-vwuHM6-hRhd7yDx0KraFLYJD4F3wHUWXNuPkr34Mlcdh_qx8saVU2bv89T-1owhkngdT84PP7XODrulJWxBY25jrPDIC27LZ07aA-kDK9C-YwxIq3fj-IosPurcRLgTSOrMSv8cFDiaKfcMDYzbsP8UDspA7iQSqjE1k-aOa6QM-R287-TdW-11CSFkFXd53QYnkG79sm2D6iUVoMRsOmBIOUQDhjoyFmyIyyac_v9FAkca7Lf_eAjAWl8Mnvz-hPG25eKSFX3C1KwSfCZt4ftZj3vgpLuzRQlXR-9FfROwzPIrpWLv4uSX-5sIs8MQujMxX2t_fkoISCCNgjELdzFK-iVKj8yIG1nMh_XD6k0vD3jvC7zK9usNyR_Yrf8--9Mi9EXXGmtswxh0_yVYIj4ljVv3VZRNqNbosTwC-TGsmNRt9nQPbiAVVjgqfC85y4Mf0P0qGluovbUI4gG2IM-3fSKknZvRHEGu5CZg6QXkkGnNpiPt1VPLyM1b9ZRHMtU7MVWqIGVxq09Ic5YAv0x0ii3sBKOWG7WIXDIeLk_AJq1-Q8Z53lI_4tL0H2GwE6bvL7rPQTe64l5HrbZV4SsNjQZenWIEH0IZ3z5s2grU9A31sYBEK-nXQRIrnb9Ku5Hqprl-k-zQyfn6OQnm-HyJSxVsXMlx3nKVnrTHCLjOvjHrVDvLSicANiAHZaAMeaS54MBASBSijOJHjq4EDNLn-VtjmlTZSvxI5omw8SX3_UNljipNJhW94cLWiOAQXTQcDA95m_ysPI9kLbO0uhhc_4tY6KxbPpwbptkfLvKttfE7eUT722jcCgYxxdX12E4mYp8Xb5mXTLiC9Ra-PGfa20lfQvdZvwnohaB_UBpLNQQg2iCTEm0MFL-0RjOZ4K3Uj00wBV6nbr9fZqKR1r_3V-0vKXX48H228T8aA645ZU9dxtu9Aa9ZFAWgdZMsB9YTNOFIiNuHW1lX36mSIG44Ld4-NSe-C7uAW4VExbz5qMesIe24UN3krvG-dYKd-d78rXcCcp8pHAy8cIgJ-MTPHcd29DjlloPpi4uG88vcHKu8feCyQEkcm5f7vdCclxFQ2sVEaMkwKR4uAOMnmx775jyyneI-Gl6NSaIuBaEQ6BkelK3_5mJjVSECZNc_s0Pnbxfh0l3OFlxu1axfpaOPo7l60hiWdM5OIJ3EFRYVULxG_UaHSKQxDZDKGWd3wyfk3crWsPvU-YdF8hT_QoDCb5AtjD-dRRqFEHeTiJzOM_96x_uP7a8xwEv6iRnTbus9e4BxyOEpIHQ2I0i_Xx8WqKKBFsfry5bNJtei_RVRg_OCURuh5hc9g4EZvbNZhk8n-Vwji0-D_riC0dOMFo8iJjrlB-rBZ-92DhEtDmgtqPXqyl7fs9ib5pg916cbef4XJ6szy8QYRgYeJAmBDOxvIMNPIkORt4FJmXfCFkcqEPH077LK4jHpvXxbKgNWt7oKZYlYAgqbzp6hMpMW6v0dUliiMC7g_Jx0RkNDVRGoKM6bgFITCliTPEi3lO8vVvZDvOv2nvPDeuURJOMGusO4c4ah7p6Bu-tnmXVX9GhUi0qNJquNAtRKN4HgBmqMzwfbWmVTGkdO0L7u-iX2ZN4sKTwjz2K1JjQ7pQ99eV2gvzfMQrJiCkzOXTW5N8RKOReCRYGwHCCGsU7cHJOfO_Ijwswej7079xzwD3RvwyCsHz8B8dKsOMUn3nVk9ygGErOJJDNZGpSx7sPbVDKRjD-QtQUUozdswsOoUJ9-FvGmRhjBqXeJjoAGA9apDgb0IF0ahXSs3dyWw2rHwNR8-j3cAnWkKNmN4q1tZKTxW1CfewgAhcBN0c9ZJQ8R6KPLekm_AvLORBaJw5QMleKLr1-4x5ElokbJzVFfv8DvJxhnFMFy0KIa6lj5wFAli1acswxaJp2IJKrsUMAqQpx1s2_N6GOabBRe5_A9UJhWBAcr_pYjlSTtbPh0aOShWWyBgF7IRBbhChGTdGD0Qw1WV4GuI0y-KwvnceGy1MBAFOMi04S2aCqriAMjNXr_1iSroAkFMgWywmmwkWLE076GqkFmDvhM6LLwZ3InwGtgIQCtwUr4h1CE5vl_6r5FyGOZlirwndBJM4OgeiXizBGpSN7h4u80tsetW2cnWuoP1_tRwEbkxHB3ryRvmEqY6cWBlmfy6E-8tA_MO4mLVZpRHXgdU3qix5RT_t5EEF9vRV1Lx2w1-vUA6DVjyphFvwT5FsFMJo9KbiMoCRktVjSYuKh6t4snrWwP5VzKuElBEj6K6w4ILIsb6EgYvdsNQqTqx5uxIzpWdLQW_FZHRF0N4_rG0cBgDY_f_DH-BZ-CZXZIoBRDWyeidL6puuDVH-zq1-02vrg9c6j9VPUougfJn1hWLPXqjVop0051fVOn1pzp79Uwbq73ZEwNaagAv8tJwpMTmPbIiJXMiYToIypkZFtjWIf5f-D-TfHY3awnt6R56fXq136Ee3PiDlvISZhcHjexWTd5V0ocrGduWcHSlK3OcYqTMMRUxiiOUGZUKJhO_93OUam2JLHL5MZ2xGfxFF9cICqTkHTcRNC5P5tN4Pcy2fNl6No9uP6vwKr-6fzp5SG7PTjEuxSVD8SUBoCbDE0HFUus-4-cSN8wwh2BDLyxJ8agGZKRgbxK5Lhx6-rQHSLrLwGZ0KrkWietKVL_TWMoVebxITKFvcSlChXeF6cQWE89YOqLW_WiB1jDXeoO5krUvt5y0R6qYmujUsqsrfys3XYSQ75dFg5vZ-b-PLiJc6znucnkCEIVQ4HJVjKeRjpa6inpW7rdIJMdpxLkkCBwj_cDm_4STxAg4SPZhKTF1CWma_m3iZjQp43vjDPHLHyERzVR0YgZeSBcltGbTnWczKxtDQ6d-WE9IJ1gqojU1CF-ZxNYkZ3W1gwCntxVM2MUA52jzN_GdiBv1UPA7HgNSbMvL1wne_mryX9JW3h2hTVlbhhuKiOvQGY6Eh6iRV0mSCtYgMHGvTGFoqINosbFPu6nLARLP2uS3yO3EemH5oM_GD_A1J752HtHZujcPLyj7W2_psB8m7098jY6_mjssIQz_R-279PAfjQTrlpnYKkGjqDghSUWm-lqCtV0wXvZroEjGYF38&cid=CAQSTABygQiD9wUYRGpxFrylipfq9ljrzRqiem8BJ_TXkoWioqT2JFcHZ5fVQIC-OWm9Qr8pUXW4rNtS07_qsep0gzGAsT_O_VGQE_FUJ_gYAQ&dc_exteid=31097575540085608268901114817964260&dc_pubid=4

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5030 0
0 75ms
74ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHzEaw097ZOfyKZTHnsEP8_CrMInR9bRu8NPyroYR2u_S4LIBEAEgqLKFfGCRBKABn-yx9QLIAQapArh38lz19rE-qAMBqgTvAU_Q8Z-WrV5vE5iAYzXbyOvGI1-2lym-qQ__vbuP19Q8IMQPJz7Ro8LwVaf9SxsWDwpN2x_FgLh_iMBjZRP3xpUPlm1eDNNfF19sPErk_u2RnP8Z-eI0_ycSSu6jFsDQrQF5jjrQKlg3LF_ExLi-e_u2Hdovim0BEC614xXyrpeqdp5xJfP8U5UR9kVStl5-hEw7n6Or3nw1DympJ4iIjcI6Ysc8huap1nK1CZqyR9HtFsKmjqPYF70OWbe2ls8nSI6KrtnV54rmasauXn-1wczXBpGKSvDSHnHakmLlfhfN0mhbQNeBbCerz7zMPajKwASj8Jr0oQTgBAOIBbm80cRGkgUGCAMQAhgBkgUGCBsQAxgDkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfJk86KAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEJPrERi1pszZAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGwE7DF8BHIE7r9uOED0BMA2BMKiBQB2BQB0BUBmBYBgBcBshceChwIABIUcHViLTY4NjkyMjk4MDYyMzI2NzYYppN26BcF&sigh=b9tQ6B6OPfA&uach_m=[UACH]&cid=CAQSTABygQiD9wUYRGpxFrylipfq9ljrzRqiem8BJ_TXkoWioqT2JFcHZ5fVQIC-OWm9Qr8pUXW4rNtS07_qsep0gzGAsT_O_VGQE_FUJ_gYAQ&template_id=509&vt=10
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5030 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab4b98d3fa6b0822ec650975d7baef574e608552e0ee35bab5f28943e56987e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5030 15 KB
16 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 39921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5030 16 KB
16 KB 76ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 581532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 21:03:36 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame BC86 222 KB
60 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 02:30:17 GMT
age: 43531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 02:30:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame BC86 15 KB
5 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:33:48 GMT
age: 36120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 04:33:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame BC86 94 KB
28 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:02:30 GMT
age: 30798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:02:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame BC86 5 KB
2 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:37:49 GMT
age: 28679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:37:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame BC86 40 KB
13 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 21:30:23 GMT
age: 61525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 21:30:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BC86 7 KB
920 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a4e7fa7a2e004d6d54573fc95acaca31222892cd641d3358f27f7159867ac4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 13:31:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BC86 4 KB
728 B 38ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 13:15:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC86 2 KB
3 KB 30ms
28ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 57095
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jun 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC86 295 B
353 B 79ms
77ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 14344
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Jun 2023 10:36:44 GMT

GET
H2 200 7032806474683804938
s0.2mdn.net/simgad/ Frame BC86 283 KB
283 KB 26ms
19ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7032806474683804938

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38196a3c2cd9d1b9601c1fad699d624cc566ae8458d5bc8298eac6143af7c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:54:49 GMT
x-content-type-options: nosniff
age: 592859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289617
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:07:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 17:54:49 GMT

GET
H2 200 7535925915772939850
s0.2mdn.net/simgad/ Frame BC86 4 KB
4 KB 52ms
46ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7535925915772939850

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a50da05eb3795f33bbdb180412988137805c3bdf5ff1469ae29cb681abf7972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:05:03 GMT
x-content-type-options: nosniff
age: 603045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3841
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:07:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 15:05:03 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame BC86 42 B
63 B 59ms
53ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvhdKE2UNOmzfoznG-hQi-UpTXSkVcvh0CbK-uAnK7GF94whrA9qyB7pC1hZ-LPC9vhISxrQ1XFHaHjA9CkiaK5yrB89QV_52IWWTxr-6J6SmFKPKK648h1kNJKS1ENdsMewHkveDwTooxcbT89Fi70WVNVw&dbm_d=AKAmf-BctGMvo5LJWgKz4hZM9gQtLz6_tUQKgkm-pbBLZfpFpzPy0s7ltUB_jv9GV7MBkntixQfPHDb4igxez0dXmcmphPb39xNlnmijBCXJAJ_MaNVvP3pkpaSsK1PEeByN3d4tw0La7oAEUZX2hCIjbrdhKuVhSKC6ATH7Z0VxWMpUekYgOUqJTU2WcKMN2cIntbeYz6CTpYlo4dxNOXW2lrfJqg6AtYU1_f4l6pMID_c5ovqdZwVk1EI0pSvwLuYOzN_RNWCL3zGLtfqydChi2o7pXnkQ165KqWeE6Yc8jMOwdd_bp_X6xp0MdyT0xskdxKqrToqbtW1OL3-1g1Lxsxe4bwAQph9d68UpOVo4IvkBUOVy7XIPMOHK6R25pKe6Eoek6d_v0SCetV5HD_FRKN0mTJYnjP21m-fIReQHkaNVhzeX6LDDZmvZ9VhsarOliNNoT5cBqLSGSwRTr5wFZXWe-V5vMJhhYlkH_UT_lL0v_XFlnXANXQJ50m42AoaVXmv2Y_91lm4zv6k59XEAvWCydvcI_mGTTdwTSSeSk38AXp0QVS2Gd7gmgpqdL4R39s1SodWGAWpSUsmqrQ0DvN5_cfRw1Ty3_38NbI36Pa_Fsm2Sw5f8IAMeAHGiSQBfYYRIFoZUHlqWBVQMIYofOMWUhw-n10AiF1hDlMI-xuQ7gY-vQODCwrFtJQSUVOgRIDAeBbFmW6fF-c7R2i5ZISk46IZvdLrpM_iCKuTDJwxyRtdv7GGPpwLbYsJxicI-8hKI058Z2gSxsEhrOTLcOTvIcOYKtAkgwWbkYQnaOeygu4-4G5SPfNPF6P0_7fqk8egItRrizzKVug6V0qvlF8OKt6aR0oKjqH5CejftsygL6CPd0capu_gK--klvInFYMOGwTdQkPx47UX2R5VhAHE8BZ5bM9qclS_LtwGrATeUXmARz981RnTxS1-Q9ArKBp60kcNSyAr-cj1jWYFB7uwxtIqnP6axNKAvDsxHWGrnH3NDlYQBwXRLFmBk0rd01JmTX2DZlNscrLQK3V4oJjq2SsDqOkdBpShkNWTx2H3DRSWGFnOTNXvvd7ZXyWs_gQ6XKc6eywsLwyi-lx9yhMRS8RnW_4gDNGEMHaSCbhfO6NgBJcmgzWMYhCo52ONLj56TdbCsDMZRyI1_3Em6sXgrr-iZTmYjAvOzBCRmoDnPpQhqCsIiskixp3LEWL91pA5lMUVHzKkArhuQEqQWke2Rxc1kSDbX5DS2hsOC3gYDPyUSH-EMS4tZtB4rlItL9uZL6epIJy4HoqxBz572RK3rUiZTNwqqDEDJEg1fZEtCMXXFBnyGSpSCvvsFsY8n2oQ0Fq5HyJMUH4DG81DRy8ZOp2bIriSuSrq0VlA4ImfPUJDeHiBasCwN9dtkow8uJSCry6s4PxDp-rqXrdXOmn3w0kukNFSHXl6AOyrAvD3I9YQ75Qk4Ut51TMwR2f82inYyNwJ5euSyzVfNZ6F8ivyD3OAsvH68--4SUqKYoC0r0Ca2EIH2u-zAtwrW9nhz0TdKyVMxA4L-WsaS0jn26Lh9Omzxu_Xs0PUKxJYQGdHLCMU3oCwaD6t7tysaaVtqJYP0X-q25yc-Scc8uUzcxDneYjS7TDt72Sf1HtDV82MZYsDzcM5HaEthLsxyvKpLmYATF9dzBspLJsCeF4wnFPAEiq8alhP3FtWGnUkH1rfFYeNiTxNPnz01HH6CE1QgCLPfWWQv6r-EIEHeezJh0KQN2azzBqIyZrW09PIpyH7OW1wP2Mh18Gdn1yiWXBtzZwSxp0mhmIHm4uYInDGgqdiaScIQfFZuNTX-jmcPYOCVxzuTnXw3BZL48dPHzkXFI1Qpm9aOKrhcqcgT7o5e3tLx8JvzTc3yMNKYRpShhQMuGOpS3uosLmO96DlxWUAEN2AxCkinclIi6WZKQ02YBTdHv6uCUAkPGwqlGD3M61cKZA0yyPK-QCO4ZDCK2xtyAb35Yjkd_7zfIjGINEitEOkF88bWUPIwEfpwhWQUYOYt9tL3oc2-CdlOvQk4JyX8REl-xXqo2gmT2kl3SayATnROPyvWpAXnwH5_fahpGNRDa_PazcJGVn_Nk37_WnfpoPbFTllfdTuvmB3UGK6tKQiRFJQheF_Ko7dG1f_NeWHR6mBd-2mcx1A_hW81JZjkq6YjVZeDMkeKMSiu3Z54BJP0iWNso7owfqiYUfGknifdd6rsxOeVKa_EqhhHlElVUjL_0Bv7rOv_W5oIIRhT5NwRHj74TIn-qlPbvanHUPeC-DejQgROs9YwnqJLlCITveU0jbt3-gJw_FxMKtCBgR5Nu2QKWiNxHQ8WzudaPG-mtXIc58B099-9qobXs7PiLeojXTQws-LjdEnMUFjF14uL4aCH5P8YVHZQ8rJVWeS1UKDb7M0AI0-Y72jKl24BZ4rd4Rz17Ju-eygD-VA4x4EuwtUyZUl1jqqEZ9CVF1IiKiLWrVnHXQJqMiAYr7roLuP3IFGhUX1t_st6ZnviF-CJY1OF6ws5PtcHnsmnKnMDlE2s6PQbRCD2TcK4TLtrLgpTEqvAgtPNCJsBYIWoEDTsxhC1tQZMJqQ9RsUFqK852b0ghgU-UseAoccj6IYZQuuTZRhLvSPwwV5-aSfUNAwm42v_q7QAicMmCG1e1yqTlB2fyMXxLB5sZ6ZtEElaw4KHXRXJGrz3aDRYpsPMcx7nChurBa-f23bO5Ewbq5Cge6Fbh2S49_orryzYSOpLratsl_8EySxCnLs757mbaL1lGIVbkYEQ3t6FjueVLtLrr9XqR9DsEClT-KTC8jisBIquqTb3G1CQIT1ahFCCCn9YIj3FVZEh4cYOsvgFtTmSGkMeKHCmc6BrKBkEplhD9V6wIuOzGm2wBjrAVTlGid0KXzAeigKtz4MYuVMysA_oxhC73pW7A5V_cs-FW_AqIZATQe0wIiOsGyKCnbkBhCzAVGhrikj0OgDWPhb7fH8TKS95jK9MyTNxdUI4JTkip_OkKx0vEKPl3WENAErd_B-Jweyrss2nvuzrUOKIgTY6CwJzA6dHvPClbNI1hQ_Ecj4TJTd0O8NAYxWUZXpPEmIwR927NQrRTAq-CXka-MM8lOrEkNGb88xzEmlX0ASBNhggtqKBcvgeW-NB3kkLq-eZtNTmgcUS5V8TPVM-x_N_FgfeusWwIUayBflurRRBU4XXx8Xte7RLkhc-yIt2qooM-deScyLDCZCX65q_fWShi98u_1J_HUrdnUzlzmfGdgmppAFcHf-kTwp354D8vZhURCO4rjLM1UfVcJcTr3kxkLU219mxHsreNv1fiCEo2gh39QtfAtCZzL-mj9XVoRtGjCY1liKqUNn4Vy60pQkD3uWxDBnyCWQRScNIjdGLvBMnbe7225ihqIPF5Z1IJhDTS4_nYszIT90Dcr0jacziv_BRWB48Rs9GvtI_Qeg8w-pQksqTPaQV-klNYn4O08f2Q_6AfdqH4WttbAYfrByJv3A6O_1IgOAubUGyZqIBElpZFCviyCTE_q1ygq3TBtU37eojEsEsE-xbJ3IMbCYf2XKD_P95UatOkB5thx65iquFY20Cyu-iJ-9bbHf_BX8ZD1Zsvoq7p02e3AUbP_OYEAEKjVstHXXo7DZ430-ly3g6InT1bfk7R0bxKvbYDK-fVp65tmVjCj67sQ2naPwTRDdrTG8&cid=CAQSTABygQiD5kZLO_W6cZk2cLkh3MMuayEbTDn2FlVt1u2bLKG25KiKkD4XLv8SCYwpHtfO128mJOH-Akabn0fXek2qJe0h0tSwFFnzl5UYAQ&dc_exteid=31097575541737569361709427082628038&dc_pubid=4

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC86 0
0 75ms
69ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7eANw097ZP7xKa6tnsEP9taiwAeJ0fW0bsjT8q6GEdrv0uCyARABIKiyhXxgkQSgAZ_ssfUCyAEGqQK4d_Jc9faxPqgDAaoE8AFP0FkwsEMRNj3kxd-S6s4gPunCDY4ayITdMGFs8qjbVeiTAlfoLjllMH8qAw8gRUYofpCOgZ8lP2psX4XA1nkqXja7hzNb_hu9s8mbw5XJp4kODHr5_XwscKP0HHX6nqTZtGdldE4Et8xZXr2zvz5gWuwCdvP_lanhpXCeSshv8s4du9LpvWOVVOcuxK9i2bLm2RuoMgXGd33jYZ62XnwteDaalyZ6PFiiB5uNCNsq4YcDSSdRB7eexhDT9SblxlZg1jtrfS0ulYnOreOhAUsdW9MFGcmzbjiSgD-3jauUSy9i0PhptZRKovkWCeVAJfjABKPwmvShBOAEA4gFubzRxEaSBQYIAxACGAGSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB8mTzooBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ1vATGIeQzdkB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbATsMXwEcgTuv244QPQEwDYEwqIFAHYFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjg2OTIyOTgwNjIzMjY3Nhimk3boFwU&sigh=d1aJhlFs47Y&uach_m=[UACH]&cid=CAQSTABygQiD5kZLO_W6cZk2cLkh3MMuayEbTDn2FlVt1u2bLKG25KiKkD4XLv8SCYwpHtfO128mJOH-Akabn0fXek2qJe0h0tSwFFnzl5UYAQ&template_id=509&vt=10
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BC86 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6baa8a8b3d2accd75c60e4a21575680dc6f99e40754b397308eea39a0e2032c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 7832 14 KB
1 KB 29ms
27ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1685802937&rafmt=1&format=1200x280&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947708&bpp=2&bdt=754&idt=3&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5866812604701&frm=20&pv=1&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075004%2C44788442&oid=2&pvsid=3552925523421010&tmod=2063129335&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Oc17U0ADKj&p=https%3A//shoot-yalla.to&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 12:55:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 7832 2 KB
972 B 41ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:08:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 7832 22 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:08:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 7832 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 13:05:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 7832 19 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:03:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7832 171 KB
53 KB 817ms
814ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:49 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 7832 32 KB
14 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:15:44 GMT

GET
H2 200 container.html Show response
02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9F5 6 KB
3 KB 38ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:47 GMT
expires: Sun, 02 Jun 2024 14:35:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7832 0
0 72ms
72ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3abiw097ZMe0MYOPhQbm1K6oAtCQ-tlw8dLQ780RChABIJOY4HdgkQSgAZnh5bopyAEJqQK4d_Jc9faxPqgDAcgDywSqBP4BT9Ar3wETX8ON6JejepRqrkeGzeMPG5o-SHu03R3YX1f7V3eWM_aiwZBWjcGka0oG-l0uzzHsHdor4bCJ-Zq4yNjRoDCWTnE_5tOd3E8ZVrUcaCozcu63Ls_X5n2AuyjdO1dDRcJrLjbTLuRVyBZ27Suq5_4YWdyvTHWxCiV1yS-gBWnzHdx7bdKXAIZzTnTwGa3loyeMvS4yM-RsBP8DFtiLJk7ddxv3J9ZFQWnMVaj-J4v75yfiNCHjYmazbUAtzVZn2cicrYrIijcDVeqGZniFrgXb-AIL16ae64Xq9b5dgUPmeWTaIRS1IVsuMvcDCdto_S-J2u1l3R55F3DABM3p1oWlBJIFBAgEGAGSBQQIBRgEoAYugAeZmbaaBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOP4FtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi03NzMxMzU2MjI3MzEwOTMwGAA&sigh=UjX7BVxI0qQ&uach_m=[UACH]&cid=CAQSGwBygQiDOttbp1ImhV79TFQwygbuz6LP-S1mDRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1685802937&rafmt=1&format=1200x280&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947708&bpp=2&bdt=754&idt=3&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5866812604701&frm=20&pv=1&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075004%2C44788442&oid=2&pvsid=3552925523421010&tmod=2063129335&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Oc17U0ADKj&p=https%3A//shoot-yalla.to&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 03 Jun 2023 14:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4048224223818370891/ Frame 7832 35 KB
35 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4048224223818370891/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8311fbae6444b7fa98403009c7b64d088230827f3ed7d262ad744ed8de72876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 21:02:39 GMT
x-content-type-options: nosniff
age: 322389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35541
x-xss-protection: 0
last-modified: Wed, 10 May 2023 11:31:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 May 2024 21:02:39 GMT

GET
DATA 200
OK truncated
/ Frame 7832 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7832 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BC86 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 39921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BC86 16 KB
16 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 581532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 21:03:36 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5030
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

34ms
33ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H3
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Sat, 03 Jun 2023 14:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 0D6C 107 B
122 B 33ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=www.boomplaygames.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0D6C 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 057C 76 B
86 B 190ms
189ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755403&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802947974&bpp=3&bdt=110&idt=348&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=1531405223354&frm=24&ife=1&pv=2&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.kc3rny76z09a&fsb=1&dtd=369

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D9F5 4 KB
632 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 12:55:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D9F5 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:08:45 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D9F5 0
0 81ms
79ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxaITw097ZKiLKvHlnsEPl--6gAiB3q_PcMjO8_e8EfDLvvnLKhABIKiyhXxgkQSgAYDol7kDyAEJqQK4d_Jc9faxPuACAKgDAcgDywSqBKUCT9DO1DDtnXx4Ydc4okn3TCfgWdB3GqrXcJijBUOnf2oG3DZZGzamNx-fyqGh6vqAOeQdFnFmMaugx96Xt89y53_gqdNszOAz_TeXD7j48g3s_MO4m_OK_QfePQexUEOuoWuF0a4EfitQlGFKOkXcbOVDENSymQh5Ar6JU0PHChDRTycv-r_c31EtDBi1r-RZYafmICqmUJlhXTjuVriC17I9OhKipSUVEMbIEVM4H3NQVYvegNH1PDYK45572ewGHKFH0IhGdnyoL07XoQ69zA7I0yjoM__Qw07wEm-L30Mjczvq_KenU7GDCla6Ja1YBQXlrzMC9Ghm2ZG6ApO79Pp5p1dnNqKDHoUGKOlxw9322ZAT1rSxo6Q80EphOMBPYZHg5GnABNv47oShBOAEAZIFBAgEGAGSBQQIBRgEoAYugAeA8LI6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENWPE9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNjg2OTIyOTgwNjIzMjY3Nhimk3Y&sigh=1zbyXDOB1Iw&uach_m=[UACH]&cid=CAQSTABygQiD8sR-BtLn9Kp9SrFpBym1qye0ciGzUzoQDWIQZp09oJt6uQhf33acTv6ul-FwgZg0R0S2F3s580UZp1RLBoKIpjv_Z6XhkC0YAQ&template_id=494
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame D9F5 22 KB
9 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:08:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D9F5 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 13:05:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D9F5 19 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:03:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9F5 171 KB
53 KB 667ms
665ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:49 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame D9F5 32 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:15:44 GMT

GET
DATA 200
OK truncated
/ Frame 7832 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d83f1e6291342c8f39367f436b0ac18dc60bd1cb3078548f34ccb7da8aad3dbd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8213181611006415291
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9F5 58 KB
58 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/8213181611006415291

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f6ad7b603fc1dc28634dd76b4f0d2341a44ccd617a1d8ff95fe7c0a939b1ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:57:24 GMT
x-content-type-options: nosniff
age: 117504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59053
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 19:28:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Jun 2024 05:57:24 GMT

GET
H3 200 12522349245859928872
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9F5 49 KB
49 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/12522349245859928872

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a0b32eee4c6e023e7856baf6f96d9aa66c043f47e8684c13eda6acc9cf451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 02:06:29 GMT
x-content-type-options: nosniff
age: 44959
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50509
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 22:20:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 02:06:29 GMT

GET
H3 200 13463111478869079680
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9F5 73 KB
73 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13463111478869079680

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54b374c5d7abd63494eaa05e3639e9937e718b398756e98f5fb02966084c038e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:12:56 GMT
x-content-type-options: nosniff
age: 120172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75096
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 22:03:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Jun 2024 05:12:56 GMT

GET
H3 200 11529260093631937205
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9F5 56 KB
56 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/11529260093631937205

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eea2ce1f8bd474ef25d083047bcd65a1c4ae272c0a2405201e97ef4222e3325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 19:10:58 GMT
x-content-type-options: nosniff
age: 69890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57275
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 01:08:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Jun 2024 19:10:58 GMT

GET
H3

200

16323034589907184376
tpc.googlesyndication.com/simgad/ Frame D9F5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA1OW6KhDEExjEEzII5sikwV9UQUQ
https://tpc.googlesyndication.com/simgad/16323034589907184376

20 KB
20 KB

20ms
20ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16323034589907184376

Requested by

Host: 02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
URL: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8a436827521bf85aa58c412c1de6866c46a5ede0a3b7a4b8a5967704e1e6576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:22:06 GMT
x-content-type-options: nosniff
age: 569622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20016
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 08:55:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 May 2024 00:22:06 GMT

Redirect headers

date: Fri, 02 Jun 2023 22:39:12 GMT
x-content-type-options: nosniff
server: cafe
age: 57396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16323034589907184376
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Jul 2023 22:39:12 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BC86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

27ms
27ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H3
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Sat, 03 Jun 2023 14:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC86 2 KB
2 KB 25ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 57095
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jun 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC86 295 B
324 B 26ms
25ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 14344
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Jun 2023 10:36:44 GMT

GET
H3 200 7032806474683804938
s0.2mdn.net/simgad/ Frame BC86 283 KB
283 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7032806474683804938

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38196a3c2cd9d1b9601c1fad699d624cc566ae8458d5bc8298eac6143af7c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:54:49 GMT
x-content-type-options: nosniff
age: 592859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289617
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:07:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 17:54:49 GMT

GET
H3 200 7535925915772939850
s0.2mdn.net/simgad/ Frame BC86 4 KB
4 KB 27ms
26ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7535925915772939850

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a50da05eb3795f33bbdb180412988137805c3bdf5ff1469ae29cb681abf7972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:05:03 GMT
x-content-type-options: nosniff
age: 603045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3841
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:07:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 15:05:03 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
225 B 21ms
21ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/XGjPQ/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://shoot-yalla.to
Date: Sat, 03 Jun 2023 14:35:47 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 9BE3 35 B
601 B 67ms
59ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: JiBOWUQC-G5ALLM2sMvNj7K0XMl70IYBEK-FenDiud96874M1WCxAg==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 9BE3 35 B
602 B 107ms
99ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:56 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: ZLnRv30FaPE3TzZ1AD1oVJu6P9HSTBXa92CqUYr-Bk4d_V5iZGbG_w==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 9BE3 35 B
603 B 100ms
92ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3GO3e3K6UIaUq-fogqy&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: -HVZVuyfRUfhRFYbeuliH0xmvpqKINyvH1n-7Im9wdfLl7_2e3vGRw==

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 0D6C 87 KB
30 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

898a2363d44119a5041d61d6d75c4d3c443400ec20cd84839392f0ac66a2d537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30661
x-xss-protection: 0
server: cafe
etag: 4387538009748317122
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
DATA 200
OK truncated
/ Frame D9F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bba266e4d20d61d640a03e05bdc8091a3648449f75bde143cb91e513f194816

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content b1eng_1-1415.ts Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 1 B
361 B 45ms
45ms XHR
video/mp2t 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1-1415.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: cbecda1c7d37d4c0aa5466243bb4a0018c31bf06d74fa7338290dd3068db4fed

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-0

Response headers

Date: Sat, 03 Jun 2023 14:35:48 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:28 GMT
Server: nginx
ETag: "647b4fb0-96170"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 0-0/614768
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1

GET
H/1.1 200
OK b1eng_1-1416.ts Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 610 KB
610 KB 92ms
92ms Fetch
video/mp2t 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1-1416.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: da4c714560d28855fe328ea05399a8198bf43c093dc0978213d9155090a36204

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:48 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:32 GMT
Server: nginx
ETag: "647b4fb4-987a0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 624544

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&preloadAdBreaks=on&onReady=true&event=adcf_cl&client=ca-pub-7731356227310930&bow_v=r20230531&js_v=m202305300101&fetcher=adsense&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 0D6C 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0D6C 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0FE 61 KB
8 KB 715ms
714ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ccdc0286ac6ba6198c45ebc826fe4705013d79c571b98ada421dcf3d303286b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 8227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5917 94 KB
22 KB 366ms
365ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378855&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948735&bpp=1&bdt=871&idt=0&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gy3ha2o1ydqt&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56c54e75195bee57937c88527a47e30515dc2b873d679ca92d94b9f3b0d3045a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 22251
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK b1eng_1-1417.ts Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 472 KB
473 KB 45ms
45ms Fetch
video/mp2t 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1-1417.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 7ccafa1c2e568531da897ec36213efee74a751585bbc0c9a0dfb839085938852

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:49 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:35 GMT
Server: nginx
ETag: "647b4fb7-76190"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 483728

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7832 33 KB
33 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 329192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:09:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5917 2 KB
570 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378855&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948735&bpp=1&bdt=871&idt=0&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gy3ha2o1ydqt&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 13:11:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 5917 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:48:56 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 5917 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df1d8e4b7311af9879283ee395a2993f34ab8b43035d3aa5d62a5b0cbce62ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7201
x-xss-protection: 0
server: cafe
etag: 14182087956370475329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 23:15:06 GMT

GET
H2 200 get Show response
feed.avplayer.com/backend/ 5 KB
894 B 120ms
42ms XHR
application/json 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=64295823302f184a0404d414&pid=641ff5a9b9dfa3debc05c057&cid=6429527cd63edfd716048c86&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=641ff5a9b9dfa3debc05c057
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=64295823302f184a0404d414&AV_PUBLISHERID=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: c0883f3b1b0e7e616c54632fbdfbe938f3fecb3ce704695073acf41ef89b6030

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-hw: 1685802949.dop123.am5.t,1685802949.cds116.am5.hn,1685802949.cds233.am5.c
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shoot-yalla.to
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 690

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 786 KB
203 KB 73ms
27ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=64295823302f184a0404d414&AV_PUBLISHERID=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: fac0ea60a1683307dcdff8e8bd3b6f1067146241a76a69160c7a58b47183a271

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:10:34 GMT
etag: "1685437834"
x-hw: 1685802949.dop217.am5.t,1685802949.cds292.am5.hn,1685802949.cds018.am5.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 206838

GET
H2 200 track
servt.modoro360.com/ 0
98 B 344ms
105ms Image
text/plain 34.237.109.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=641ff5a9b9dfa3debc05c057&cid=6429527cd63edfd716048c86&cb=1685802949130&r=shoot-yalla.to&stagid=64295823302f184a0404d414&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=8&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=autostart
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.109.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-109-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D9F5 21 KB
21 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 21:26:50 GMT
x-content-type-options: nosniff
age: 580139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 21:26:50 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D9F5 20 KB
20 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 597307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 16:40:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C080 8 KB
750 B 44ms
43ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 12:57:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:49 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame C080 15 KB
3 KB 107ms
24ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 05:06:06 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame C080 371 KB
127 KB 108ms
25ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 16:50:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame C080 19 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:03:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C080 0
0 41ms
40ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT20vAvzKEmgmCWpDMHMxXA1u1jVmnye9inZ38Sg_Xov-ZVXzC8z2zuKfku4pdUqRw_GNGNT26Lcz9U3nr00FHkXEpucQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378855&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948735&bpp=1&bdt=871&idt=0&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gy3ha2o1ydqt&fsb=1&dtd=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CF7 38 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 13:04:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=2&src=1&stats=1&timing=517&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230531&js_v=m202305300101&fetcher=adsense&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame C40A 38 KB
15 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 13:04:21 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 0E8C 467 KB
125 KB 91ms
20ms Script
application/javascript 2a02:26f0:480:794::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:794::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f318022e24717ae3263e0aefbbf4539a12074827b5de921d0c2066154d365871

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvDs9SY871Og95XdzToGoNItoEKU53ewNb959ToLQCRk4LKP7-zck5zNcfIdG9QphfVZWw9pu_sedgJm1uRpJTl9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 127665
last-modified: Tue, 30 May 2023 13:47:47 GMT
server: UploadServer
etag: "526f030a71543559869d22e5dd7bd031"
vary: Accept-Encoding
x-goog-generation: 1685454467746321
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=1V+jtA==, md5=Um8DCnFUNVmGnSLl3XvQMQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 127665
accept-ranges: bytes
expires: Sat, 03 Jun 2023 14:45:49 GMT

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 48ms
21ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
x-guploader-uploadid: ADPycdsySypgtQao-Ue6dT2_hhqFI66yfNY6OPSswN1qcZfuwqydYn3D0LxGEsWUXXJu2DUHCM8f4af8vhsq4KLodPLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1685802949.dop217.am5.t,1685802949.cds292.am5.hn,1685802949.cds310.am5.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 34 KB
35 KB 31ms
13ms Font
application/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: https://shoot-yalla.to/
Origin: https://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:10:35 GMT
etag: "1685437835"
x-hw: 1685802949.dop123.am5.t,1685802949.cds116.am5.hn,1685802949.cds154.am5.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 35197

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 410ms
39ms Image
image/x-icon 141.95.4.204
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.204 , France, ASN16276 (OVH, FR),
Reverse DNS: ip204.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:49 GMT
X-Openstack-Request-Id: tx6814e7bcaa4b4c85b3be1-00647b4fc5
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086
X-Trans-Id: tx6814e7bcaa4b4c85b3be1-00647b4fc5

POST
H2 204 csi
csi.gstatic.com/ Frame C080 0
54 B 1115ms
392ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lig3jstt&c=1538607677899&slotId=769303838949.5&qqid=CP-ntK-pp_8CFUnt4wcd26EBPw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C080 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CIhyBxE97ZP-1Msnaj-8P28OG-APJntKxXNWdkfdwwI23ARABIABgoQKCARdjYS1wdWItNzczMTM1NjIyNzMxMDkzMMgBBakCuHfyXPX2sT6oAwHIAwKqBMkBT9AfxwIUm69EMnu09hvz72dcBA8bK26AbkowPO7TT5eQWfUs9ZUiBS8vsxiOsB8mwloqHPuGPV6cJD6rNbsKRWiN0t8-aa3U8IDCQSm1l1rNVtaqYIRDSDTSzxXb9_3JqaHOrmbhNS_F9MduT-3gKMPjKeEqHsCfxtzHnqmkPhJXOAkFDkO2dc_eHPDGzQdf8fSzvK41Yp-yxxCtKdcazB09EpBd04bvJs7GKs2l_n1zZPHzIY_Ygnv1p2iM3GQ2AYMbQlBX07XmgAaQ58z35YmlrMABoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1685802949560&ai=CIhyBxE97ZP-1Msnaj-8P28OG-APJntKxXNWdkfdwwI23ARABIABgoQKCARdjYS1wdWItNzczMTM1NjIyNzMxMDkzMMgBBakCuHfyXPX2sT6oAwHIAwKqBMkBT9AfxwIUm69EMnu09hvz72dcBA8bK26AbkowPO7TT5eQWfUs9ZUiBS8vsxiOsB8mwloqHPuGPV6cJD6rNbsKRWiN0t8-aa3U8IDCQSm1l1rNVtaqYIRDSDTSzxXb9_3JqaHOrmbhNS_F9MduT-3gKMPjKeEqHsCfxtzHnqmkPhJXOAkFDkO2dc_eHPDGzQdf8fSzvK41Yp-yxxCtKdcazB09EpBd04bvJs7GKs2l_n1zZPHzIY_Ygnv1p2iM3GQ2AYMbQlBX07XmgAaQ58z35YmlrMABoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C080 0
54 B 1091ms
392ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lig3jsu2&c=1538607677899&slotId=769303838949.5&qqid=CP-ntK-pp_8CFUnt4wcd26EBPw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.n1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast.php Show response
ads.eu.criteo.com/delivery/r/0.1/ Frame C080 12 KB
7 KB 470ms
55ms XHR
text/xml 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZHtPxAAMmv8H4-1JAAGh23uUw1s3SFtC_XJL2w&u=%7C8jtWhQEOGF5hP8F2NTi9Brhuo8mTCX23aiF%2FA%2FlhRFw%3D%7C&c1=0n2XosTo5cliKCnvh9OE5oxT-MGkrWaZU-m8kbyVS1C3ONUiWcIi_nSK3dtGdQTbpjbOYrdfP-BuMneNjd8E3jfS2nP-Lj_j5YMNtbZBDQXbH4Ptr2Z4Y8q32XmDkBRnL-AwfcWNha0DHwUSICmuK4Nk0XXh2vWswxcEA1iRGE7H7Ia7YC3_2pDdyyZInRPO5ktYw5ESY1m-43FVI8Ms2FAUs2wz8rAhTpeGC-DposC4Wcouwtb6mucA0fgZQwm5YmMg3b3DAx8XPzOYk4kFkZmi3rTyqPJHtIJhn2V4cVqtHR_FgvWzLbVwATN3HA1GA_zbN9rtW1cfDDM9KdIaaMj6wMaOAPLSJlXbmOUXPp9Mr8tWXA1JteO_CCMJHmCtTX9r9VhYsk-tWa95SL6vg6Vapn17omox1cfQ-KGuPosJeffQPajt6e51xEiaSEDJNm3oSNDz_VmGJE-YYVH-h91MKeVEBHiehrCKwgOKrojmkq4SCMZ7-moAbQNwDG5DAwHc4lQ-X4J51EkjqKRYJw6pmIm1vhJoK7kVXm1pvqqKhMl7A5ZtbRad4KfW512mPKGO5xp_3wS5GJd9lDywc_jMkMUnW8fvQYyC6gaEfojD6GbyZfci-w&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIhyBxE97ZP-1Msnaj-8P28OG-APJntKxXNWdkfdwwI23ARABIABgoQKCARdjYS1wdWItNzczMTM1NjIyNzMxMDkzMMgBBakCuHfyXPX2sT6oAwHIAwKqBMkBT9AfxwIUm69EMnu09hvz72dcBA8bK26AbkowPO7TT5eQWfUs9ZUiBS8vsxiOsB8mwloqHPuGPV6cJD6rNbsKRWiN0t8-aa3U8IDCQSm1l1rNVtaqYIRDSDTSzxXb9_3JqaHOrmbhNS_F9MduT-3gKMPjKeEqHsCfxtzHnqmkPhJXOAkFDkO2dc_eHPDGzQdf8fSzvK41Yp-yxxCtKdcazB09EpBd04bvJs7GKs2l_n1zZPHzIY_Ygnv1p2iM3GQ2AYMbQlBX07XmgAaQ58z35YmlrMABoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3PC1fJ3HmOAlMI1BT_Xb_NRq1AZA%26client%3Dca-pub-7731356227310930%26adurl%3D

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7257f94b4d38a2e4b7029e7be497520224659bab3686729a0989158c321b0760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3566507
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EB1D 1 KB
643 B 33ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 66527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 20:07:02 GMT
etag: 48472445140208031
expires: Sat, 03 Jun 2023 20:07:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F0FE 2 KB
570 B 39ms
34ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 13:15:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame F0FE 20 KB
8 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:48:56 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame F0FE 18 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df1d8e4b7311af9879283ee395a2993f34ab8b43035d3aa5d62a5b0cbce62ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7201
x-xss-protection: 0
server: cafe
etag: 14182087956370475329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 23:15:06 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
0 80ms
78ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK b1eng_1-1418.ts Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 531 KB
531 KB 74ms
70ms Fetch
video/mp2t 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1-1418.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 5a55e9b16045cfaaf4ec4461719ba0598f120bc66ba7097e5cbe3fde05cb20b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:49 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:39 GMT
Server: nginx
ETag: "647b4fbb-84c90"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 543888

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5030 42 B
64 B 65ms
64ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvp1xTgrW01IswYO5nmfkLc7hD13r55g1av_InC0N72Ewf-ChfKAekeNFD6MQ3dsQ7d7asioXQylkG_GBtDqcHUwNiffEO4RqqJ6mG-SuC2BjifHEvZepPlIamoF_yWF_LOknZCGw&sai=AMfl-YTYWdCKYa6Gamu3FRQZq1EleeVTlnHVjKljniQWMRF1kvDN-zdsID8rFneg-9wKHgea7_lp_5wyL-O_BiYh2yKynM70iJoS9ruI6ALtByWj7jniIsKVp9vw5b8hlkdB9-GQXaxSA8Vt5hf1gg&sig=Cg0ArKJSzF_nHIOyhqTBEAE&cid=CAQSTABygQiD9wUYRGpxFrylipfq9ljrzRqiem8BJ_TXkoWioqT2JFcHZ5fVQIC-OWm9Qr8pUXW4rNtS07_qsep0gzGAsT_O_VGQE_FUJ_gYAQ&id=ampim&o=0,1107&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1065&mtos=0,0,1065,1065,1065&tos=0,0,1065,0,0&tfs=518&tls=1583&g=100&h=100&tt=1583&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3A39 2 KB
570 B 35ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 12:57:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 14:35:49 GMT

GET
H3 200 rewarded_web_video_en.js Show response
www.gstatic.com/admanager/outstream/ Frame 3A39 346 KB
117 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

894b8a5ba082b76664658849b9201138ce24a44bf36ed16301fc4ff2090a3bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119902
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Mar 2023 21:18:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="drx-mobile-serving"
vary: Accept-Encoding
report-to: {"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BC86 42 B
64 B 103ms
98ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-AnvRgzqRTYhYhBwq6nvLh8kzBWA0DOVPP5IktVqTlEds-VYl4mVOV9FB1k0BnI5zDtfl7RBqQd6_4fwmD8x9WP7mFrNJEX19DHZVpCMwA8yw3K3bJxrhwhOADjE4v_Qq2BrsXhaRS6Cw&sai=AMfl-YTURS3b5ttprsHOUbG1yV6x5R4qp2_7iPOcMVqD9Bk4nUOlBQk5BNff2pePevJlL76I7y52yUyJyms8RMPTSdw-0Ls-LntESkw-6XYId7jgY9-usMR4VAvGSnMIliGh9ismOaAiqymzygotag&sig=Cg0ArKJSzH7IxVsKAvHvEAE&cid=CAQSTABygQiD5kZLO_W6cZk2cLkh3MMuayEbTDn2FlVt1u2bLKG25KiKkD4XLv8SCYwpHtfO128mJOH-Akabn0fXek2qJe0h0tSwFFnzl5UYAQ&id=ampim&o=250,917&d=1100,250&ss=1600,1200&bs=1600,1200&mcvt=1077&mtos=0,0,0,1077,1077&tos=0,0,0,1077,0&tfs=482&tls=1559&g=100&h=100&tt=1559&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame EB1D
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEDS1gxq4fOtk25sE1ouj-WA&google_cver=1&google_push=ATf1kGPg6SumhhIlqglTLMTnnK2sOJJI79_2_NstEjEnyEP5dn4excw7pOx4pYrYbJVJfuMs1ECCKC5hgRAc6tS730Nd43BEkMD5UA
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

29ms
27ms

Image
image/gif

104.102.40.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: HTTP/1.1
Server: 104.102.40.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-40-143.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Sat, 03 Jun 2023 14:35:49 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 03 Jun 2023 14:35:49 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EB1D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHtP7IZ00jr22kBVEyx28jY&google_cver=1&google_push=ATf1kGMqzBAKXKcLFIuJFlR7RGi6n0UrKt0ZcqiBKvy1JE-rGki5BGEp5lj0TzymEPbnsXINF3DN9ncJWBYws6M0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMqzBAKXKcLFIuJFlR7RGi6n0UrKt0ZcqiBKvy1JE-rGki5BGEp5lj0TzymEPbnsXINF3DN9ncJWBYws6M0WFtPQCt1h4ky5Q

170 B
232 B

64ms
62ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMqzBAKXKcLFIuJFlR7RGi6n0UrKt0ZcqiBKvy1JE-rGki5BGEp5lj0TzymEPbnsXINF3DN9ncJWBYws6M0WFtPQCt1h4ky5Q

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 03 Jun 2023 14:35:49 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x4 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMqzBAKXKcLFIuJFlR7RGi6n0UrKt0ZcqiBKvy1JE-rGki5BGEp5lj0TzymEPbnsXINF3DN9ncJWBYws6M0WFtPQCt1h4ky5Q
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Jun 2023 14:35:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB1D
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESENPSM78MDOR4USFqdNrSh3o&google_cver=1&google_push=ATf1kGMmfQQ0wBK6U6Ztgc6QEugpgfIk3_QQh_CpOOQ814FAyvv294FJCN1qS5kaxXG1KN4VDVtz1uhwAi6pCiV5mhEEaEHMhTOvfQ
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMmfQQ0wBK6U6Ztgc6QEugpgfIk3_QQh_CpOOQ814FAyvv294FJCN1qS5kaxXG1KN4VDVtz1uhwAi6pCiV5mhEEaEHMhTOvfQ&google_hm=UjMzNjQ3XzEwM0...

170 B
188 B

75ms
73ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMmfQQ0wBK6U6Ztgc6QEugpgfIk3_QQh_CpOOQ814FAyvv294FJCN1qS5kaxXG1KN4VDVtz1uhwAi6pCiV5mhEEaEHMhTOvfQ&google_hm=UjMzNjQ3XzEwM0IxNjMxNF80MzY1NzUxRg%3D%3D

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMmfQQ0wBK6U6Ztgc6QEugpgfIk3_QQh_CpOOQ814FAyvv294FJCN1qS5kaxXG1KN4VDVtz1uhwAi6pCiV5mhEEaEHMhTOvfQ&google_hm=UjMzNjQ3XzEwM0IxNjMxNF80MzY1NzUxRg%3D%3D
Date: Sat, 03 Jun 2023 14:35:49 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-368807696; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 348
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB1D
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESECP30HmjmUQleZ4L68-rzFY&google_cver=1&google_push=ATf1kGOalERE3Knt-RAruePx5jbSj-nIXFY4oc9QCNMczGf7QBrBY2kf-rk2RUs7MHjq07jjQiCAgjGGXGCLwSUabe5LAC_aTiFcvg
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjgzMUI3MjAwN0Q4MzhFOA==

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjgzMUI3MjAwN0Q4MzhFOA==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjgzMUI3MjAwN0Q4MzhFOA==
date: Sat, 03 Jun 2023 14:35:50 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EB1D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGyvbUbUxZoXPrFjzmSBgBc&google_cver=1&google_push=ATf1kGP79r5Vb9r0cEgecRMV69w2T2ETKHotqnvmwn0lorA28YpyyMs5BkK1hIfViuJCfAJJSvbf4tiwIKY685I1ir0Vvoj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP79r5Vb9r0cEgecRMV69w2T2ETKHotqnvmwn0lorA28YpyyMs5BkK1hIfViuJCfAJJSvbf4tiwIKY685I1ir0VvojrZ--4&google_hm=eS1Pc3FrNUs1RTJwSFdjdz...

170 B
232 B

68ms
65ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP79r5Vb9r0cEgecRMV69w2T2ETKHotqnvmwn0lorA28YpyyMs5BkK1hIfViuJCfAJJSvbf4tiwIKY685I1ir0VvojrZ--4&google_hm=eS1Pc3FrNUs1RTJwSFdjdzY4aWpFaklCcWt4a2NmYkYyU35B

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 03 Jun 2023 14:35:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP79r5Vb9r0cEgecRMV69w2T2ETKHotqnvmwn0lorA28YpyyMs5BkK1hIfViuJCfAJJSvbf4tiwIKY685I1ir0VvojrZ--4&google_hm=eS1Pc3FrNUs1RTJwSFdjdzY4aWpFaklCcWt4a2NmYkYyU35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EB1D
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEMfybMsX1WOhfvXjDM2i_sE&c_param1=ATf1kGPI6btrDjgsnQLlXlygIrpsIydq3kO3uOYzb7OuaWKZ7jlnx9AikCKWmiWe8WQWxduzSrSb-UkZlIfbqoo0j03YIm_tGmYncw&gdpr=%%GDPR%...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPI6btrDjgsnQLlXlygIrpsIydq3kO3uOYzb7OuaWKZ7jlnx9AikCKWmiWe8WQWxduzSrSb-UkZlIfbqoo0j03YIm_tGmYncw

170 B
329 B

63ms
61ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPI6btrDjgsnQLlXlygIrpsIydq3kO3uOYzb7OuaWKZ7jlnx9AikCKWmiWe8WQWxduzSrSb-UkZlIfbqoo0j03YIm_tGmYncw

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPI6btrDjgsnQLlXlygIrpsIydq3kO3uOYzb7OuaWKZ7jlnx9AikCKWmiWe8WQWxduzSrSb-UkZlIfbqoo0j03YIm_tGmYncw
date: Sat, 03 Jun 2023 14:35:49 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EB1D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBM-K8pQFPd68kyG5uUA6-I&google_cver=1&google_push=ATf1kGMYi0Wmm9k_mNWKURGvFl4QHNtS8WLGNyT-H4dzuixjRJpX4i25e-Nl6yLKxegbtO6o5rLhY5zvAuEy...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYi0Wmm9k_mNWKURGvFl4QHNtS8WLGNyT-H4dzuixjRJpX4i25e-Nl6yLKxegbtO6o5rLhY5zvAuEyplRuP2aAkZjjOQY-Zg

170 B
232 B

66ms
64ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYi0Wmm9k_mNWKURGvFl4QHNtS8WLGNyT-H4dzuixjRJpX4i25e-Nl6yLKxegbtO6o5rLhY5zvAuEyplRuP2aAkZjjOQY-Zg

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYi0Wmm9k_mNWKURGvFl4QHNtS8WLGNyT-H4dzuixjRJpX4i25e-Nl6yLKxegbtO6o5rLhY5zvAuEyplRuP2aAkZjjOQY-Zg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EB1D 0
139 B 141ms
21ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjTMpg2dLQzTMv6crURjgjIcEQ87r4MeClQz4qJDqYd9PvbliYKJx1DX9jtljueLqcEbSE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 73ms
61ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: efb8ec6d8932ffaab54c328356c0485614ce86b945880e0b5a33672773c5398b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:49 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:46 GMT
Server: nginx
ETag: "647b4fc2-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
20 B 83ms
79ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=1&src=1&stats=1&timing=1059&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230531&js_v=m202305300101&fetcher=adsense&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
20 B 77ms
69ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=start&name=bp-game-afg-egg&frequency_cap=30&last_intr=1685802949775&event=adbr_cl&client=ca-pub-7731356227310930&bow_v=r20230531&js_v=m202305300101&fetcher=adsense&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F0FE 15 KB
15 KB 65ms
57ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 39922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 22 KB
4 KB 1334ms
1054ms XHR
application/json 3.215.53.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=64295823302f184a0404d414&AV_PUBLISHERID=641ff5a9b9dfa3debc05c057&AV_DURATION=18&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&AV_CHANNELID=6429527cd63edfd716048c86&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=shoot-yalla.to&AV_DADPOS=1&AV_TAG=64295823302f184a0404d414&AV_TEMPLATE=6192229fa59e3976bb4400aa&AV_GPID=/641ff5a9b9dfa3debc05c057/64295823302f184a0404d414/shoot-yalla.to&d36=6.2.102&responsive=1&sver=4&avtoken=949881&omv=1.0.1&AV_D65=Test1&AV_D66=8.3.10&clsid=df90d2d9-e7b1-43f2-a599-356783f1d4fe&rando=61&AV_WIDTH=600&AV_HEIGHT=337&AV_DNT=0&cb=1685802949884&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.53.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-53-2.compute-1.amazonaws.com
Software: /
Resource Hash: 9ff4e089add6873847d959205e74e57b010ed57a628b6456af15a977518c7be1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://shoot-yalla.to
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Tue, 23 May 2023 00:49:10 GMT

GET
H2 200 track
servt.modoro360.com/ 0
97 B 108ms
108ms Image
text/plain 34.237.109.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=shoot-yalla.to&sn=&ic=0&tgt=0&app=&wi=600&he=337&test=&d36=6.2.102&apppkg=&fv=1&proto=https&d65=Test1&d66=8.3.10&clsid=df90d2d9-e7b1-43f2-a599-356783f1d4fe&rando=61&pid=641ff5a9b9dfa3debc05c057&cid=6429527cd63edfd716048c86&stagid=64295823302f184a0404d414&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=80&cb=1685802949883
Requested by: Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.109.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-109-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3A39 0
54 B 762ms
393ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lig3jt3h&c=2009990580737&slotId=1004995290368.5&qqid=CMyhtK-pp_8CFaAgswAdNX4D3g&fb=rewarded_web-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C44776384%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rewarded_web
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 volume_off.png
www.gstatic.com/dfp/native/ Frame 3A39 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:09:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 26759
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 02 Jun 2024 07:09:50 GMT

GET
H3 200 pause.png
www.gstatic.com/dfp/native/ Frame 3A39 763 B
786 B 22ms
21ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/pause.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 16:18:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 598619
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 May 2024 16:18:50 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3A39 0
54 B 749ms
392ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lig3jt3v&c=2009990580737&slotId=1004995290368.5&qqid=CMyhtK-pp_8CFaAgswAdNX4D3g&fb=rewarded_web-lima&met.4=ls.lig3jt3v~arps.lig3jt3y&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=1&vhc=0&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3A39 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 39922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3A39 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCEQSxE97ZMyvMqDBzLUPtfyN8A2muL71cPiHw_PdEbCQHxABIJOY4HdgoQKgAeOChbkCyAEFqAMByAMCqgTYAU_QXjkBXommzf1f1-T90DNz6SALz1mGf2ApNO_r1vWJfA4E6yxdXSXEqM2OYZzzFUtTbk89sBi6oChCCofHqTwDixovRjG2PCsYisqVz3aa_LuBStLcBtn0IRYka1_1DFXnqTURhmWvtU7vIWor-g5PHY7d81Df9z6PNxKdvxHBjKrGzU3fa9zd6EMDETlCVHRHweM_iB6kWMc6psgOZqcTLLFM0FfAJMfg4QncKIijxaURcfIigwFvVo82-V31JynPvrvHxjxMlwgwjXIUA8WDK7o-jP7BFsAEgPncj8EEoAZTgAf65t3iA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOrEJJaY0b4Hp0NSACgGYCwHICwG4DAHYExPQFQH4FgGAFwE&sigh=yv05EthfFgk&cid=CAQSKQBygQiDHspAg6_K3_ILE_UmOun393CSk_QUhMdK-wJPFPxBAhGo_6qI&label=rewarded_ad_video_started_precaching

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-aigzrn7d.googlevideo.com/ Frame 3A39 139 KB
139 KB 192ms
49ms Media
video/mp4 2a00:1450:4009:34::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-aigzrn7d.googlevideo.com/videoplayback?expire=1685831749&ei=xU97ZIbjFKWGkATzy4iACw&ip=2001:1af8:4020:a034:9876::13&id=c189e66944e7283b&itag=18&source=youtube&requiressl=yes&mh=Om&mm=31&mn=sn-aigzrn7d&ms=au&mv=m&mvi=3&pl=42&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.153&lmt=1685635753525200&mt=1685802552&txp=5319224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgVhzvxxRqHc429czvHfRW4146jQi4vksOyx8nrmyMHSQCIBoXmQrX2LQ0gu8cgDwSgqZGi7j0bpFgmHrinezmiihj&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgJoRAD793R8wkmBjlcE460a-NzdZmEl1yyPDf2a8FsPoCIQDiTQy9PCmeBE2ySOj0klO9-ZDuzAi67ikLGHOJmuavEw==&cpn=Y0FUmTv5BmwxzNHP

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:34::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9c7ea5ce4e244f14f3fd23b25a6044d6b4efe88a7dfd7f4fbf8993f97a076cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 03 Jun 2023 14:35:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Jun 2023 16:09:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-142108/142109
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 142109
Expires: Sat, 03 Jun 2023 14:35:50 GMT

GET volume_on.png
www.gstatic.com/dfp/native/ Frame 3A39 0
0

GET
H/1.1 200
OK b1eng_1-1419.ts Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 605 KB
605 KB 54ms
53ms Fetch
video/mp2t 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1-1419.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 9951a2e9a2fa89f2b3adb53ed5e021a8039bf478bcb2897c5f4b3dde69c0bc76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:50 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:43 GMT
Server: nginx
ETag: "647b4fbf-97250"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 619088

POST
H2 204 csi
csi.gstatic.com/ Frame C080 0
234 B 617ms
391ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lig3jsue&c=1538607677899&slotId=769303838949.5&qqid=CP-ntK-pp_8CFUnt4wcd26EBPw&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C080 2 KB
1 KB 28ms
21ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 May 2024 14:35:50 GMT

GET
H2 206 e4c5ee9e681343d5ac708e4cc884cf2a_9x16_fb___twt_video_1_eu_en_vo.mp4
static.criteo.net/design/dt/44862/230301/ Frame C080 47 KB
0 72ms
68ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/44862/230301/e4c5ee9e681343d5ac708e4cc884cf2a_9x16_fb___twt_video_1_eu_en_vo.mp4

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 01 Mar 2023 13:08:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63ff4e49-1f0c67"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-2034790/2034791
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2034791
expires: Tue, 28 May 2024 14:35:50 GMT

GET
H2 206 e4c5ee9e681343d5ac708e4cc884cf2a_9x16_fb___twt_video_1_eu_en_vo.mp4
static.criteo.net/design/dt/44862/230301/ Frame C080 35 KB
35 KB 85ms
32ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/44862/230301/e4c5ee9e681343d5ac708e4cc884cf2a_9x16_fb___twt_video_1_eu_en_vo.mp4

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c1fc3f64cd5ce4f132a9f86fb6325dd97ad57475f6e58b4ff8a94f933b5c3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=1998848-

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 01 Mar 2023 13:08:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63ff4e49-1f0c67"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 1998848-2034790/2034791
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 35943
expires: Tue, 28 May 2024 14:35:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0D6C 14 KB
11 KB 102ms
91ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a4fdfa3b168b3fc6a46c4c1d3fc78b68cc0a471b1ca20e2fbc5b2ae910902d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 95ms
88ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f1a165fae5b9201b0550de14439a0f7d7aade42c1356de57a2bb2771a4bc628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11114
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7832 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssct4vjbOD1Ne5xSImvQ3iQ36KV7iRId6rtW3v5cq3bRyD8cm0sc6EpjMf8FRWLEVzyQcIM7dXWKbC_RwA5-nEA0L4lHeVAos7gx1Hk8yF0cnTyHvPCWH3nR5UbtpJRQ_sqD1CFVA&sai=AMfl-YTUdYsljUj9_-0oUpVnmFrDYVsVGPSCRu6204q_Reb2RSbPYn7t48DWiW1KORa6BB6HzFS3ObIW3hMc&sig=Cg0ArKJSzMV5wQ7jfHLNEAE&cid=CAQSGwBygQiDOttbp1ImhV79TFQwygbuz6LP-S1mDRgB&id=lidar2&mcvt=1022&p=0,0,280,1200&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2350421022&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685802947721&rpt=1456&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D9F5 42 B
64 B 151ms
150ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSDNrwUMoEH8D1qYXZ5lWbqbnpqoDh5ED1h91-36xe_bybITBPGE2gnd2D3dyawxrOssoQBrxjitXyQt7Tado1tnr3fPzMrv9EFvyPXerHw2EPgL1lQKU54mCDqBXxVYvo4dx3mB_IEeOX&sai=AMfl-YRXy9cHtLC8h3PPm6NuQ9HURMMXe95eeBDqlNjvPonTggJu9uE_KzGyNGgkjxUTrDVIONDQ0fOEMC7xH7P5MvziVdYwDXDK19_F3lJx_kl-l7xvrVSEkgmqmkDCBZUEkuY1aPkLvFlex3-GCg&sig=Cg0ArKJSzD65HuaCUSLzEAE&cid=CAQSTABygQiD8sR-BtLn9Kp9SrFpBym1qye0ciGzUzoQDWIQZp09oJt6uQhf33acTv6ul-FwgZg0R0S2F3s580UZp1RLBoKIpjv_Z6XhkC0YAQ&id=lidar2&mcvt=1002&p=441,250,691,1220&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3826710058&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685802948224&rpt=1018&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 e4c5ee9e681343d5ac708e4cc884cf2a_9x16_fb___twt_video_1_eu_en_vo.mp4
static.criteo.net/design/dt/44862/230301/ Frame C080 2 MB
0 47ms
44ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/44862/230301/e4c5ee9e681343d5ac708e4cc884cf2a_9x16_fb___twt_video_1_eu_en_vo.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=32768-

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 01 Mar 2023 13:08:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63ff4e49-1f0c67"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-2034790/2034791
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2002023
expires: Tue, 28 May 2024 14:35:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D6C 17 KB
6 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 14:35:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A08 13 KB
5 KB 88ms
81ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 13:06:23 GMT
expires: Sun, 02 Jun 2024 13:06:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BEA1 783 B
536 B 86ms
85ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a1afa67d6aa960901e4a86c67717dee103c94a09c544e91a72d41495acb17e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lFvKVc9GplXkPi2wJ-4Cqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lFvKVc9GplXkPi2wJ-4Cqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:50 GMT
expires: Sat, 03 Jun 2023 14:35:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 115ms
113ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 14:35:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BEA1 0
0 55ms
54ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=38130547233187&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A08 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 13:04:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 32B6 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 13:06:23 GMT
expires: Sun, 02 Jun 2024 13:06:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C0E0 783 B
534 B 31ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

604cab9ebf88758eb914dff850ecdb76e81d6fc7ea77daa7cd4bc7f0fddcada7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9A7k8mzAxpsfFvSNoSQQ_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-9A7k8mzAxpsfFvSNoSQQ_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:50 GMT
expires: Sat, 03 Jun 2023 14:35:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0E0 0
0 53ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305300101&jk=3552925523421010&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 32B6 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 13:04:21 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C080 0
54 B 393ms
392ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lig3jt7v&c=1538607677899&slotId=769303838949.5&qqid=CP-ntK-pp_8CFUnt4wcd26EBPw&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1920&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.10s&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7A08 0
12 B 19ms
18ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J0yegA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 32B6 0
12 B 19ms
18ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m39UoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 320ms
319ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3552925523421010&correlator=2838606189775475&eid=31074949%2C31073558%2C31070232%2C676982996&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=9&adks=439794908&didk=2974999748&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dafc70f4fa4657c7c%3AT%3D1685802947%3ART%3D1685802947%3AS%3DALNI_MaBPy-EXymMe0TxwKQyYHoca9AiwQ&gpic=UID%3D00000c3ce05c28d2%3AT%3D1685802947%3ART%3D1685802947%3AS%3DALNI_MZf_VJuy7BVxzaSApL7SY7Hnz6drg&abxe=1&dt=1685802951152&lmt=1685802937&dlt=1685802946953&idt=484&adxs=436&adys=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fshoot-yalla.to%2Flive%2F11121%2F1023277%2Fmanchester-city-vs-manchester-utd%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=728&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1471861602.1685802947&ga_sid=1685802948&ga_hid=62401647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6ae-jYgxSABSAghkEhkKCnB1YmNpZC5vcmcYzai-jYgxSABSAghqEu4BCghydGJob3VzZRLYAXppVUJVOE5ORU0yRjRKUmRGVWw4eDkzdG5qK01ZOGZrY1BXTVU1b0lPbFVRTmx5NEI4QzZOU0h0WHBuQ0JLU2pvYVArRFhFTlJPUTVReUVpVXRUbUhXdGo3OGJZSURRNG9IRHg2WUYzL0lzTXFSOG5zSGw2RXJkbnBhNHlHaFZsT1k2TWp0QUhsbU9JcE5TTStVZzkzVHk4clFnQ3BNREdmQURGTWNzQlp1eXFCamFEekJsMkpDeW4rL3VWQUx4b3pwdllXbFJEYk0weVdjTVpxeTJmWlE9PRihqb6NiDFIABIdCg5lc3AuY3JpdGVvLmNvbRjpp76NiDFIAFICCGQSGQoKdWlkYXBpLmNvbRjpp76NiDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKWpvo2IMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50c4ef798fe90b76e06af108f1000b8290d83ec8b86a115765fd05e6dd866d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11657
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326746042
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A2E1 16 KB
6 KB 97ms
22ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=152213
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 14:35:51 GMT
expires: Mon, 05 Jun 2023 08:52:44 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A66F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

80ms
25ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 14:35:51 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 7FA6
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1685802950219-9...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1685802950219-999425910858-001213-006-004277&key=80b0de72-807c-407a-b6e0-1c93a424de24&gdpr_consent=nul...

0
239 B

174ms
103ms

Document
text/plain

52.54.122.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1685802950219-999425910858-001213-006-004277&key=80b0de72-807c-407a-b6e0-1c93a424de24&gdpr_consent=null&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.122.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-122-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT

Redirect headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1685802950219-999425910858-001213-006-004277&key=80b0de72-807c-407a-b6e0-1c93a424de24&gdpr_consent=null&gdpr=1
server: _

GET /
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/ Frame 67EB 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F3EA 16 KB
6 KB 75ms
23ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=152213
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 14:35:51 GMT
expires: Mon, 05 Jun 2023 08:52:44 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 8DD0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1685802950...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1685802950219-999425910858-001213-006-004277&key=rYaKZUw3jXHf&ev=1&us_privacy=1---&pid=562704

0
210 B

328ms
102ms

Document
text/plain

52.54.122.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1685802950219-999425910858-001213-006-004277&key=rYaKZUw3jXHf&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.122.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-122-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: nl-NL
cw-server: bh-deployment-6d945594b4-9cdgk
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1685802950219-999425910858-001213-006-004277&key=rYaKZUw3jXHf&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H2 204 /
onetag-sys.com/usync/ Frame FA40 0
0 29ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame B96F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1685802950219-999425910858-001213-006-004277&key=OPTOUT

0
37 B

341ms
105ms

Document
text/plain

52.54.122.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1685802950219-999425910858-001213-006-004277&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.122.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-122-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 03 Jun 2023 14:35:51 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1685802950219-999425910858-001213-006-004277&key=OPTOUT
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 3888
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a6b584709255e1ae30f947902540b5f&_fw_gdpr=1&_fw_gdpr_consent=

0
232 B

350ms
104ms

Document
text/plain

3.220.29.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a6b584709255e1ae30f947902540b5f&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.29.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-29-54.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 03 Jun 2023 14:35:51 GMT
Expires: Sat, 03 Jun 2023 14:35:51 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=a6b584709255e1ae30f947902540b5f&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1685802951275094-562

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 01C1 43 B
577 B 98ms
29ms Document
image/gif 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Jun 2023 14:35:51 GMT
Expires: Sat, 03 Jun 2023 14:35:51 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1685802951325028-570

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 1F88 49 KB
18 KB 112ms
36ms Document
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sat, 03 Jun 2023 14:35:51 GMT
etag: W/"64243ed7-c28e"
last-modified: Wed, 29 Mar 2023 13:36:23 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1rydAwQSh
x-77-nzt-ray: 25b021318346419fc74f7b64d9405115
x-77-pop: frankfurtDE
x-cache: MISS

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 1EE6 0
0 115ms
21ms Document
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
date: Sat, 03 Jun 2023 14:35:51 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.57
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame F2C6
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1685802950219-999425910858-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1685802950219-9994259...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1685802950219-999425910858-001213-006-004277&key=5b0a48d5-ab14-4951-9b61-7c14d4ae47b7

0
241 B

258ms
104ms

Document
text/plain

52.54.122.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1685802950219-999425910858-001213-006-004277&key=5b0a48d5-ab14-4951-9b61-7c14d4ae47b7
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.122.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-122-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:51 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 03 Jun 2023 14:35:51 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1685802950219-999425910858-001213-006-004277&key=5b0a48d5-ab14-4951-9b61-7c14d4ae47b7
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 74ms
19ms Image
image/gif 18.184.33.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1685802950219-999425910858-001213-006-004277&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.33.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-33-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1685802950219-999425910858-001213-006-004277%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
145 B 74ms
20ms Image
image/gif 18.184.33.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1685802950219-999425910858-001213-006-004277%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.33.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-33-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 3A39 0
54 B 391ms
390ms Ping
image/gif 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lig3jt43&c=2009990580737&slotId=1004995290368.5&qqid=CMyhtK-pp_8CFaAgswAdNX4D3g&fb=rewarded_web-lima&gqid=xE97ZLy6LvWCmwe4l4iYAQ&met.4=ghmsh_s.lig3jt44~arpf.lig3jt45~ss.lig3jt4n~rta.lig3jt62~raf.lig3jt63~scshown.lig3jt63&ghmsh_mi=18%2C&ghmsh_gvt=0&ams=1&vs=640x360&vc=avc1.42001E&mt=video%2Fmp4&vsrc=youtube&bit=18&cpn=Y0FUmTv5BmwxzNHP&msm=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A2E1 0
42 B 48ms
13ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44930058&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:50 GMT
content-length: 0

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 53ms
53ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: a1a4855a9cc4b87d11ad24753af43fd8ac1dc2ed07ef6f7747178373bfcb893c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:51 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:50 GMT
Server: nginx
ETag: "647b4fc6-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A66F 34 KB
10 KB 20ms
19ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jun 2023 02:29:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=42812
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 04 Jun 2023 02:29:23 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 1F88 1 KB
814 B 101ms
27ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 03 Jun 2023 14:35:51 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 532461
x-accel-date: 1685270490
x-77-nzt: AZySIYu/Anz/7R8IAA
x-accel-expires: @1686307290
last-modified: Wed, 29 Mar 2023 10:31:18 GMT
server: CDN77-Turbo
etag: W/"64241376-446"
x-77-nzt-ray: cf87872753f05a78c74f7b6416964a22
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77D0 0
0 81ms
80ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7dulPf_kLSgjHaFxqh9if_z5G5L5kp3tsHcv9DX575PBXTHNqJIcL1e9hDq4MfLgS0-LEN6HDXVQ2wUIjigt_wvKKFZG8bDBGNyZ7YzkslyjHyjKXyMFsGRt5MEXLZbv30sgssd1KOBTjKkTvF2l59EYVIf-HmhDa_OH7Cn_nH0xMUi-XOQx3TxLXwV0dmPOzBhclxfDhBFprFTfZYQBeF4L2PETyYDINvgcnqad3kk2Mj8Uebn3S_sjSd6lXiIZmuxXnk1opwpMuQ_FuLzHdt3bP_AIN3fnOz3UfrPYSpU3Wmp9Ij17JJtppibOE6czJOWnMHRKlUA&sai=AMfl-YRsVf_ulqDsj7xfU21L74HUETQKgcsrYiTG22BSWuZpDaDuEWxrJC6vsvO1vcPjCOpb7g8LHcL9bFuQzgywkaDvAtML3Iu6BKyRQCKofJr_LMA0b61E6KESZzsQfBU&sig=Cg0ArKJSzBHL9TWbELcfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: shoot-yalla.to
URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK prebid.js Show response
acdn.adnxs.com/prebid/not-for-prod/ Frame 77D0 2 MB
651 KB 112ms
30ms Script
application/javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Unused62: 8096267
Date: Sat, 03 Jun 2023 14:35:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 18:43:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62055cdb-23771c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 666704
Expires: Sun, 04 Jun 2023 14:35:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77D0 171 KB
53 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 14:35:51 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A66F 284 B
536 B 103ms
22ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D6C 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=38130547233187&bg=!ICOlI3fNAAY9J7QfHSc7ADkAdvg8Wm2nJaTZGe6ikb1JnSZMSzsLAw85wRFd7xvbRswDS8k5YpdV_0_mTyInTVAqyA-KV_sM3EoCAAABXVIAAAADaAEHCgCMhaynYH09D70cjGT6tIXo77zPbvAJW8Eg22fPceqSbf3kaD0lFNs7dCtcFzttnlGWlutFCh8Mcdh40xyC1DpFR6e5bzlRLjBAbqE3nwJdoGmvN-lWfKmJg1reYTbEa1EYbdUOGildFHA46o-6oB9FCW_XYtJEWAZH8KlD-Stbxu_coENG7TtkYLeZShCZAvl2GeEgvMyXzP-BYDrIRKuz5xBdsAhLbqYOUtGWeouI5TbOSxOUET__-fuXYAPZ4DWm0kwEoS1TlEk2rFQ3_3TPoBAWs0zYTyAOw0IX9689ICqWXVZ4a2LJsloZuz05JKlwSVcnfyAzQXH1wC_eWi6aezXPZNjg9uSPELw1nEM3UyhZgqV1spDZdCZLNoZbPJTtwU74gfwriegkK164E6sY3OBb4zQi03yydcALthbq87A-pAGGgP8oaUnDAFzPdHe9ZN1j9T6zE6NCmgPs41wSJA7sEjxlY21Td13zyeIQf0JgwOLbqKs7cpZ7wUfntDXJR04pJmHqCLNjo7yKhK4bjXdevm_KCNJmMkA6Z763wWK-Zkzz91e9Ucyh4VgBx1KmZJdi1H8zJZ59jNHsnbNZU91ZcLlMCd1qkacJ5PZmVsuSqRheruZNmi0RkMeUIgRMWcDFW5HRJsV-NM5W8_RPBZFIz5bjfpdZU1-s5aGniRc9btPxbhgDoGmnuufbUPgqFyPhPC5TGQiefrcFIyTVcvgAB_N2uEUlP_q8QTq-om6MpZu5Wqxnf5K-Cn5WwWxVA9plNZsQ33ElDL-gjau02uclJJaohhZ8yKLPQpKrxBn0eDCbZyrArVA2ATEXW1XdxgBclg8gXO3cx3qQtqjjWmFU3LiP7xUG2pDew8eGqyvsWP2JsaTyE-qXORmZngRXS06ZV9q7nzILA_34pyhkaBmnzzZMoDdvcPkturQxnoqULj0xSQrEPd39irNDCN6bJplH9JY3ofBPgQd8tp2f3M6WvQMbef4QKa7nbtYBktJgCsLd__dWuzWUFZ-pRMsumOaG1Z-WSucd4wrDuRltC9QmDvxhXbCmjkaTmyd_eDJ3zgOluKQ9ewnbamqMYPHl-XZVhsuWbrzt0CONroJTmMqG0AmC0SJx1zmFAzEOk6oA2DOfPFoWidawJ8KfHLAwaSP4piXKBnrQIfp2PL9hOyrTnC5yAtp5maAVxD9NKFHkqboQnmBGtA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 77D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c64439959aebf7d9d92f3e844ca9f699446b6f740efa505d59b67082163a146c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 55A9 16 KB
6 KB 24ms
19ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=1&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=152213
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 14:35:51 GMT
expires: Mon, 05 Jun 2023 08:52:44 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1F88 0
187 B 79ms
20ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=1&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 03 Jun 2023 14:35:51 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 1F88 0
239 B 108ms
22ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305300101&jk=3552925523421010&bg=!sLOls-fNAAY9J7QfHSc7ADkAdvg8Wjgnf1JxFY96bpA2zls7LOBhmkbTVAjFJez5ZyBjsg4HOeAf1u0aLg8I12-Gzm2gHRSj1iUCAAABS1IAAAAFaAEHmQLnWJoEKMHBsPcIv6r6xGJqZcDPAOr3IYPHLhix9O04z_UXpg0cG9IRX3sMJn1O75g56oaIyyqH0bl8l9D5Y4U24sBgb8iDiyhj9rARnEr6932cJtkXK-bBt2h6HFxmCsga3Ut3zN7UhryPUMTTddr51YNEbinZHZvQBbp4jAlbLQtbFX5xk0Jr3E-8vUnKv0d1FC_lV32ZPbTA9v3NlOZadwhMjSvO7bZo6gDhlXGMpqUr2q2v3FAMcY8XSx-Ls2o_6ZZBjPhiI7MPYut57N_czPcD-DOBxoG53IwOniaNv73LlN5LcdhSvJpZo5XM4tNzurc3HM4Fx3ZODLKQ4HJvw2lPN3-xo4DYQDvDmbF7nR9YJmTZUAHpVZGgzrJqMzRIAj_JtYxw1JijlV_xIzuLpy4m_ITynU5-tbhBetUJ8U_3lQkQRqSBNcWXY1MAELoxKE5IsQvSSWjIBGbwkkZC8Ba5f6E_YPrTrwOan_hGPOoj71sLGc_gqwsEr7aI9bRUjutG7_99Wihq_H28PcH9l0ZiOo52igKsy8Ax7uQU2KIg4o6AxLOlsBOa7bstZWH8Dge39frwXIDjbs4tigSIndMBr4JDhY-Jx2jt1sFtCQ5XEVIlCY2SuUsolkZHe3u94tJLW1Bqe50PWgHdpO88-jH7PbsfVRWOKhjVD3l47LOdpt-tfVh24FZX6VjyX2yiayHmDMrJW8QLeuiWjv4_Q63sGWsEgY9QX8GZ-g_l5V8DRooadlgVIa_MkXvmSalJH_OcUtYBTlvGtFqQAaU3gbq-yeVlFMHfj4Q918D6ETHWJ7gY-AVuY0cxZamZDfz34c2RbxAXFIaflilpuqPIVVm-UJGcl6OCjmnA-2UF54ExyTNF0RUAv5k7zd5ZituU2X8nxV0kcVj1gTmwlsvoqAAMtwsdoV4okKt8dWhVI8HpuVbXonxVwUSzOvkF-_MjPiXo7Pk01ye0cAnEtJkg53YZSRYOD8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ Frame 77D0 3 KB
3 KB 98ms
29ms XHR
text/html 2600:9000:225b:9000:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:9000:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Fri, 02 Jun 2023 16:17:49 GMT
via: 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 80282
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: uI6RBIiXlZSd-gye-_VUY6fm6z2UVKlVYs7QzTmYRueLSQTfi-rcGQ==

GET
H3 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame 77D0 14 KB
1 KB 27ms
13ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:35:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4603
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1162
x-served-by: cache-fra-eddf8230021-FRA, cache-ams21028-AMS
x-jsd-version-type: version
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 77D0 483 B
1 KB 75ms
32ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:51 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2585197
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BsvEHwZQ%2BWJBPpvQ%2F8xxPIlAqWLn7%2BmsMxgXCXKrDvxLNznEXdLsDpDFRQffjy1UR9muMF5t7c6xUNNbJE9%2Ft%2BbmV5Jv41OntICcbuYzQM%2BpUcxSsLY3q5ZGgQo1ea1cQF0uyBVWTQ1vfpc"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d18aa4139e12ba8-FRA

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 77D0 0
193 B 96ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.11.0&cb=88235887101

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shoot-yalla.to
date: Sat, 03 Jun 2023 14:35:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 77D0 15 B
361 B 21ms
21ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://shoot-yalla.to
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 77D0 23 B
400 B 68ms
29ms XHR
application/json 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.11.0
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e5f3e2a16a7b2b8235ecbb5365fa662981d3451bec20e8417c2d9dad6a0de7be

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 03 Jun 2023 14:35:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://shoot-yalla.to
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 64ms
52ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: a1a4855a9cc4b87d11ad24753af43fd8ac1dc2ed07ef6f7747178373bfcb893c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:51 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:50 GMT
Server: nginx
ETag: "647b4fc6-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 77D0 74 KB
23 KB 75ms
31ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:51 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2412734
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xREXgaRFZIDKgOtdE9askoDYboqSkP7fygWZ9kLP%2FZPj%2FxVWEkPsx3GH1PtcXQUi%2FioSjXomPHmqUX0%2F1Aq10U%2BP%2FxrHAtbKs1W%2FR7Slfu2PsOzET3S%2FOULk2uKgEw%2BBqbkgAbRluTrGlx%2FU"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d18aa41bd089b2b-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77D0 0
0 62ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLnBfmogEAIYUGhbcwDktd-Soed2pOyFGpG86z0l5xqCLMECVAyqPAWLtWCnW8HwgvqQiIZohPZ81WtaPlIbWtYrT1FEYq9DB7aUowGVQV6q3Y-pnBPg3HtrJDO39nXn-YEYeAofgyJ5IVMEJdd-ShGlReUSt2FIRi0HPmXZbfe3qzOoZ6BGYQOGoJaFCpkUhDZhVwXQSnSHeWqzoBm8oy2cRkaQ3eiko1VUnUkzMzZiljmiNTJxz7uUA8zoQC-PyXiEUYhqscFZrOQAunHw4IwGTiHe_bJvtWVmK9aCgnPaS6ooaI5fPqI-BiE-6I1rRBDHUX1TQdrc4s&sai=AMfl-YTxsjToSewu368kA8Tv1oMTyhYZ-xBv16aIpiLL3ASgnkhv7yc4JDKEuCeqRuUU6gojybLup9YzLKVJ2Yf0piZ2HGAk36NtApMcohIGD35rjswlz8QXQpz59fcdFxo&sig=Cg0ArKJSzBygAq7WxWJAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 14:35:51 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
225 B 19ms
19ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/XGjPQ/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://shoot-yalla.to
Date: Sat, 03 Jun 2023 14:35:51 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 77D0 87 KB
28 KB 18ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Jun 2023 14:35:52 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EE19 15 KB
6 KB 19ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shoot-yalla.to

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 14:35:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 1121140
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 77D0 87 KB
28 KB 56ms
24ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Jun 2023 14:35:52 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame EE19
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=shoot-yalla.to&sn=ChromeSyncframe&so=3&topUrl=shoot-yalla.to&bundle=0O6-4l9zS3J5U2dxTWNWcUlVcDA3S1R5ZW4zWmNqNEpVMEhFamoySTZYRCUyQkl4ZWdyRT...
https://mug.criteo.com/sid?cpp=9pnBbXxMVmpPRkhhUGFVZXZYVzc2eUlkTUU1dHpDQXVSK05WR1VmS0FkNTE3Z1dLd0pMdDRZOTRQWTJlamVDY1ZoYTFqbWtJT0ptWlZEcTlkZVV3SnNCU0tER2FFMWoveDg5VFljODRvbHp1ZGxyazBiWVUzcUpCNlRvdE...

430 B
652 B

24ms
24ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9pnBbXxMVmpPRkhhUGFVZXZYVzc2eUlkTUU1dHpDQXVSK05WR1VmS0FkNTE3Z1dLd0pMdDRZOTRQWTJlamVDY1ZoYTFqbWtJT0ptWlZEcTlkZVV3SnNCU0tER2FFMWoveDg5VFljODRvbHp1ZGxyazBiWVUzcUpCNlRvdEZWWHdDbXZPNjVPekwxWEp3Y0NYNEk1MjBWRzVkZkNFbmVsTDNlaXF3TytoN3NnalZ1WDVLMFRrWHlkOHNqcGJjYWZpcDFKWnZkc25UNm0zV2plS3FxWmowNXdpTWpzRVNmMGgrcS9Ebmw5SGRyMUFtSUlqK3BFejkvR2I5c2pDUk5vZkNWK2V5WkEzZzlKRjFtVEFYdE9FTktyRnR2ZHZHTTBnSVhETlZzNWxqMVlJbUdSQT18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

287cc111798920cc43d73f84ad8984a166dbb3892f48cfd5f96e42479b3b9cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 953844
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=9pnBbXxMVmpPRkhhUGFVZXZYVzc2eUlkTUU1dHpDQXVSK05WR1VmS0FkNTE3Z1dLd0pMdDRZOTRQWTJlamVDY1ZoYTFqbWtJT0ptWlZEcTlkZVV3SnNCU0tER2FFMWoveDg5VFljODRvbHp1ZGxyazBiWVUzcUpCNlRvdEZWWHdDbXZPNjVPekwxWEp3Y0NYNEk1MjBWRzVkZkNFbmVsTDNlaXF3TytoN3NnalZ1WDVLMFRrWHlkOHNqcGJjYWZpcDFKWnZkc25UNm0zV2plS3FxWmowNXdpTWpzRVNmMGgrcS9Ebmw5SGRyMUFtSUlqK3BFejkvR2I5c2pDUk5vZkNWK2V5WkEzZzlKRjFtVEFYdE9FTktyRnR2ZHZHTTBnSVhETlZzNWxqMVlJbUdSQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 324339
content-length: 0
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77D0 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssu_qcsFlbuTwop9uG8uQd6A-ZZ3wFUyoX7GZ5R2a6TEFMkWYKS2qGbqIH3-fvPvZKNjpv9wbAt7EwKYAXFY00PDRbLQJ2XMrFjDZKWY372EcibQxgQ&sig=Cg0ArKJSzBgXFKlGo1MiEAE&id=lidar2&mcvt=1000&p=1219,436,1309,1164&mtos=0,939,1000,1000,1085&tos=0,939,61,0,85&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=0.86&vu=1&app=0&itpl=19&adk=439794908&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685802951508&rpt=397&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame 1F88 0
235 B 104ms
104ms Document
text/plain 52.54.122.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1685802950219-999425910858-001213-006-004277&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.122.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-122-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Sat, 03 Jun 2023 14:35:53 GMT

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 48ms
47ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: a1a4855a9cc4b87d11ad24753af43fd8ac1dc2ed07ef6f7747178373bfcb893c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:53 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:50 GMT
Server: nginx
ETag: "647b4fc6-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

POST
H2 200 track
track1.aniview.com/ Frame 0E8C 0
121 B 316ms
104ms Ping
text/plain 3.226.219.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=shoot-yalla.to&rs=shoot-yalla.to&sid=59522&t=1685802950&cip=95.211.199.150&sn=&tgt=0&osv=10&bv=114.0&brn=Chrome&wi=600&he=337&app=&AV_PUBLISHERID=641ff5a9b9dfa3debc05c057&test=&d64=e49bf6ed239d821f90da6ddf161e41b3&d63=e49bf6ed239d821f90da6ddf161e41b3&aafaid=&proto=https&uid=1685802950219-999425910858-001213-006-004277&cha=0.1&stagid=64295823302f184a0404d414&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.102&cb=73108022285&d39=&d65=Test1&d66=8.3.10&d73=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=641ff5a9b9dfa3debc05c057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.219.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-219-33.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 03 Jun 2023 14:35:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame 77D0 0
38 B 22ms
21ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 45ms
45ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 23d340ab998128c9f382017bb734552cda411f1749d941f22831bba0e59daed5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:55 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:54 GMT
Server: nginx
ETag: "647b4fca-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 45ms
44ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 23d340ab998128c9f382017bb734552cda411f1749d941f22831bba0e59daed5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:55 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:54 GMT
Server: nginx
ETag: "647b4fca-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK b1eng_1.m3u8 Show response
a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/ Frame 5EA9 446 B
801 B 48ms
47ms XHR
application/vnd.apple.mpegurl 45.84.217.97
MYWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://a7.koora.cloud/watch/H5XIzoVsahJk5-LqmCJFKw/1685806293/1685806547/1/b1eng_1.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.84.217.97 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software: nginx /
Resource Hash: 23d340ab998128c9f382017bb734552cda411f1749d941f22831bba0e59daed5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 14:35:57 GMT
Last-Modified: Sat, 03 Jun 2023 14:35:54 GMT
Server: nginx
ETag: "647b4fca-1be"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3A39 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238066&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685802948716&bpp=1&bdt=852&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=1531405223354&frm=24&ife=1&pv=1&ga_vid=46614094.1685802948&ga_sid=1685802948&ga_hid=44823606&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075068%2C44785293%2C44788442%2C44793499&oid=2&pvsid=38130547233187&tmod=504311000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lluuj4dkss5i&fsb=1&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 14:35:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gstatic.com
URL: https://www.gstatic.com/dfp/native/volume_on.png

Domain: us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
URL: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1685802950219-999425910858-001213-006-004277&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1685802950219-999425910858-001213-006-004277%26key%3D%24%7BUID%7D

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shoot-yalla.to/	1970-01-20 21:52:42	Name: _ga_42B0FRBVLM Value: GS1.1.1685802947.1.0.1685802947.0.0.0
.shoot-yalla.to/	1970-01-20 21:52:42	Name: _ga Value: GA1.2.1471861602.1685802947
.shoot-yalla.to/	1970-01-20 12:18:09	Name: _gid Value: GA1.2.31062689.1685802947
.shoot-yalla.to/	1970-01-20 12:16:43	Name: _gat_gtag_UA_153122498_1 Value: 1
shoot-yalla.to/	1970-01-20 12:59:54	Name: _pbjs_userid_consent_data Value: 3524755945110770
.shoot-yalla.to/	1970-01-20 21:02:18	Name: _pubcid Value: 39ff17d9-4037-451e-8de3-3bbec9f414f3
.criteo.com/	1970-01-20 21:38:18	Name: uid Value: c564dc07-df61-4bd2-8e02-9ebb8e3515a7
.doubleclick.net/	1970-01-20 16:35:54	Name: APC Value: AWEbyIEPLJ5PJXJuPau-ZReT4lipNkosglfjKg-uQekthRd8JHD-
.doubleclick.net/	1970-01-20 21:38:18	Name: IDE Value: AHWqTUncYRaq_B8M-Yti63BeOJxzvqepdeTkTe6UFV0LK_qI9ylOX2nRjDbRM0cRUCE
.doubleclick.net/	1970-01-20 12:16:43	Name: test_cookie Value: CheckForPermission
.shoot-yalla.to/	1970-01-20 21:38:18	Name: __gads Value: ID=afc70f4fa4657c7c:T=1685802947:RT=1685802947:S=ALNI_MaBPy-EXymMe0TxwKQyYHoca9AiwQ
.shoot-yalla.to/	1970-01-20 21:38:18	Name: __gpi Value: UID=00000c3ce05c28d2:T=1685802947:RT=1685802947:S=ALNI_MZf_VJuy7BVxzaSApL7SY7Hnz6drg
.doubleclick.net/	1970-01-20 12:16:46	Name: DSID Value: NO_DATA
.uuidksinc.net/	1970-01-20 21:02:18	Name: jcsuuid Value: cJtDrocJONgM0Qp1yD0F
.mathtag.com/	1970-01-20 21:42:38	Name: uuid Value: 6ffc647b-4fc6-4300-9a7c-0cb9ca6a0494
.mathtag.com/	1970-01-20 12:59:54	Name: mt_mop Value: 4:1685802950
.yahoo.com/	1970-01-20 21:02:40	Name: A3 Value: d=AQABBMVPe2QCECuntSUUhmgMoARjXAchp5gFEgEBAQGhfGSFZAAAAAAA_eMAAA&S=AQAAArMF-jfcJaeb9XoebK1bduU
.mxptint.net/	1970-01-20 21:52:42	Name: mxpim Value: R33647_103B16314_4365751F.1.647B4FC5
fksnk.com/	1970-01-20 12:26:47	Name: AWSALBCORS Value: eU2jVLKog5zTgkarfOEhCGIF4YHT9Hqt/Row7F6gad2LaLAQr7QmrI5p4zrWSmw/LTdFRHfMPHQLNt2Nuo6SdOXZUi9+Zy6cIJlQfE2h1loiW2xb7vsBexuBS58+
.fksnk.com/	1970-01-20 14:26:18	Name: f_001 Value: 2831B72007D838E8
.fksnk.com/	1970-01-20 12:18:09	Name: g_001 Value: 1
.modoro360.com/	1970-01-20 12:45:30	Name: aniC Value:
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4981144181cf8fb8
.360yield.com/	1970-01-20 14:26:18	Name: tuuid Value: 5b0a48d5-ab14-4951-9b61-7c14d4ae47b7
.360yield.com/	1970-01-20 14:26:18	Name: tuuid_lu Value: 1685802951
.csync.loopme.me/	1970-01-20 14:29:11	Name: viewer_token Value: 80b0de72-807c-407a-b6e0-1c93a424de24
.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_10 Value: rYaKZUw3jXHf
servs.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_10 Value: rYaKZUw3jXHf
.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_56 Value: 80b0de72-807c-407a-b6e0-1c93a424de24
servs.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_56 Value: 80b0de72-807c-407a-b6e0-1c93a424de24
.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_22 Value: 5b0a48d5-ab14-4951-9b61-7c14d4ae47b7
servs.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_22 Value: 5b0a48d5-ab14-4951-9b61-7c14d4ae47b7
.aniview.com/	1970-01-20 12:31:06	Name: 1_C_9 Value: a6b584709255e1ae30f947902540b5f
sync.aniview.com/	1970-01-20 12:31:06	Name: 1_C_9 Value: a6b584709255e1ae30f947902540b5f
.shoot-yalla.to/	1970-01-20 21:38:18	Name: cto_bundle Value: tIApGV9zS3J5U2dxTWNWcUlVcDA3S1R5ZW4lMkJ2eWZNZGtVMWQ1MjgxS2xXMTJSMm9EMUNpNXdnYWVkdHpvRE5xc1I1QXZJSlY0c2sxMmolMkJ6UW9PenlBVERVVjVsUnp3ZnR1eU5RbSUyQmFKSCUyQjV1a2ZsTEVEaUpXSU10blVZYU0wN0tUOHhFeUNoU0YlMkJmUno1Qlp2JTJCT2MxdDZGY0ElM0QlM0Q
.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/	1970-01-20 12:31:06	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shoot-yalla.to/live/11121/1023277/manchester-city-vs-manchester-utd/(Line 1248) Message: <link rel=preload> must have a valid `as` value
network	error	URL: https://dalbouh.xyz/api/matche?t=1685802937 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02818fe0577d5df6264050e35935a61d.safeframe.googlesyndication.com
a7.koora.cloud
acdn.adnxs.com
ad.360yield.com
adipolo.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.nl
aep.mxptint.net
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
content1.avplayer.com
csi.gstatic.com
csync.loopme.me
dalbouh.xyz
esp.rtbhouse.com
eus.rubiconproject.com
feed.avplayer.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
jscdn.greeter.me
mediation.magnetssp.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
pr-bh.ybp.yahoo.com
pro.ip-api.com
px.owneriq.net
region1.google-analytics.com
rr3---sn-aigzrn7d.googlevideo.com
s.uuidksinc.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
shoot-yalla.to
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
tags.crwdcntrl.net
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
ups.analytics.yahoo.com
us.hdtvcloud.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
vid.vidoomy.com
vpaid.vidoomy.com
web-api.scorarab.com
wrappers.geoedge.be
www.boomplaygames.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
www.gstatic.com
104.102.40.143
104.21.233.171
107.23.98.28
108.138.36.75
141.95.4.204
142.250.185.162
143.204.215.15
162.19.138.119
172.64.99.22
178.250.7.13
18.184.33.63
185.29.132.241
185.64.189.115
185.98.54.153
188.114.96.3
2001:4860:4802:34::36
205.185.216.10
208.93.169.131
213.19.147.45
216.52.2.91
23.35.236.188
23.35.236.201
23.37.42.132
23.56.202.187
2404:6800:4006:804::2003
2600:9000:225b:3a00:a:e047:753:be1
2600:9000:225b:9000:2:d490:4d80:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700:e6::ac40:cf21
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4009:34::8
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::4
2a02:2638:d::a
2a02:26f0:480:25::1726:6216
2a02:26f0:480:794::2c79
2a02:6ea0:c700::11
2a02:6ea0:c700::18
2a04:4e42:600::485
2a05:d018:d29:3601:7391:985f:3e9d:2132
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.215.53.2
3.220.29.54
3.226.219.33
3.71.149.231
34.237.109.233
34.96.70.87
35.190.39.111
35.214.153.92
38.98.69.175
45.133.44.3
45.133.44.4
45.84.217.97
51.75.86.98
51.77.64.70
52.210.227.93
52.51.69.125
52.54.122.158
65.9.66.104
69.16.175.10
69.173.144.138
69.173.144.165
95.101.54.217
98.98.134.242
030640c513ebeda61a248534f3dd8589b12213cab09eb3d079f16083a7dc4546
04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1
0679f75a292e9dcaa14c8ada81c2a8c7d23bc2a1873b8652cf9f223976f3d9c5
0aa13f14a45b870ac589b880d738fa2edbc9bc793934dd2ddfbf5731c3100bdf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0eea2ce1f8bd474ef25d083047bcd65a1c4ae272c0a2405201e97ef4222e3325
0f1a165fae5b9201b0550de14439a0f7d7aade42c1356de57a2bb2771a4bc628
1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b
13a61b12408327433a8040b4305698dcf59674b9a6d86d32fbf82b19d9772ead
17bed7598d3ba13ee00afbe6eef78aac53e1741d45f2f4c6805afab5c02f5c80
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
1f6ad7b603fc1dc28634dd76b4f0d2341a44ccd617a1d8ff95fe7c0a939b1ead
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
23d340ab998128c9f382017bb734552cda411f1749d941f22831bba0e59daed5
282e493dc5665d3887970b630b1b1ebaef34757cb967d2cdc2d4c1ff71ec310a
2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142
287cc111798920cc43d73f84ad8984a166dbb3892f48cfd5f96e42479b3b9cfe
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2b2df3739ad9771d92073eb7be78b4e199acaf8ca2c94eba90d21050e886edf2
2c1fc3f64cd5ce4f132a9f86fb6325dd97ad57475f6e58b4ff8a94f933b5c3ec
2d3f86fd3b03ce3365607ab108fe0e71bd4d50735257a8586ab299b147a3bdae
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3011a7d71e7124007ebb0d7bb4918b3da48d2d0e2a09f4a4ba53c5fc561b3fbb
3036b68787d2a396d213a010554b8fc15f036e87fc1069351893cdc4948c37ff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325be98d467be29fd7b3d1c36f2e137806b171ca7d73ef3b535e198ec0bd1dc1
3557b74083ec1dce7a9b536c5338bcda128d890081bbe205aea536baf9a8a2a3
35ad92bb2e47d63ce3250b038f2c017eacfb824a3dd8def98d2c4df41bdfa82d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36644be5918f6c1dcf78dd9446e26ae9e88f7376ec53b8c9afd6a9255c87666f
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457e009eeefaf6f961927bae4bed0b1479dae044e139f48e6b5414d8ed3a2afa
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5
48a4fdfa3b168b3fc6a46c4c1d3fc78b68cc0a471b1ca20e2fbc5b2ae910902d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e69b72e4ff80eddc746c53e41fcae0e95b44c95a8441c58ed39b188d16f467
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504
4fcfd877c2a809fc0aeb6cc604b9105e36b8649f39b30ec9e949baf1a1f96073
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
50c4ef798fe90b76e06af108f1000b8290d83ec8b86a115765fd05e6dd866d90
530e7ad6776b89145e16294e61659429e5e8060e628645a03590a35acdf132ac
53c2eff0912218a5261694f033b9b751b724934711d08a9221107c227912c438
53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b374c5d7abd63494eaa05e3639e9937e718b398756e98f5fb02966084c038e
55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c54e75195bee57937c88527a47e30515dc2b873d679ca92d94b9f3b0d3045a
5a55e9b16045cfaaf4ec4461719ba0598f120bc66ba7097e5cbe3fde05cb20b5
5ae090d8f423b6393aa46fa54cb5d6ba836e454bfc2872955448a9d5ab9ee55e
5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055
5bba266e4d20d61d640a03e05bdc8091a3648449f75bde143cb91e513f194816
5ccdc0286ac6ba6198c45ebc826fe4705013d79c571b98ada421dcf3d303286b
5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a
604cab9ebf88758eb914dff850ecdb76e81d6fc7ea77daa7cd4bc7f0fddcada7
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6a50da05eb3795f33bbdb180412988137805c3bdf5ff1469ae29cb681abf7972
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6baa8a8b3d2accd75c60e4a21575680dc6f99e40754b397308eea39a0e2032c4
6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5
6cb8fe3428f28ae4159cb5952b9272e9bc7fc19751ef125754a426016dd4d595
6f7f69e9d52e740efec3bcecf9031b2babe5f89e811121335596271f2070bed7
714e12f6093f5ffbf0c50cfb2051c9c85b86e0bde08696b8d7763881da70dd85
71e4178f36fc1a4d07fd743fc253bc0bd962cf38c01f244d417a7a7db548cfa5
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
7257f94b4d38a2e4b7029e7be497520224659bab3686729a0989158c321b0760
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
740f4e8bb1912ca917b9520bdf17018ff529b99a8137805bb8a95bc188ee3aa1
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7ccafa1c2e568531da897ec36213efee74a751585bbc0c9a0dfb839085938852
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d831e121563f442bb2f84909f710a0c9cc68a17ea5a9ab8abb31dec500e7dd4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81452d24bcf9cdb24414c005acd0240e96c555fd1b7daef16d68c5ca83eac9ba
817504c104c8071a04f168dcc245705cb9641f44d97b2692ae5abe5e011c02e4
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
843c6fe8889fd9dbb2e2dc7efcf505c0132b0496f388c83f4f3c358c4baa3d8a
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
894b8a5ba082b76664658849b9201138ce24a44bf36ed16301fc4ff2090a3bf4
898a2363d44119a5041d61d6d75c4d3c443400ec20cd84839392f0ac66a2d537
8a4e7fa7a2e004d6d54573fc95acaca31222892cd641d3358f27f7159867ac4f
8f83653636b73b878ab64fa4873fb0258eed8b17fb7baed52242f67531f10386
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9951a2e9a2fa89f2b3adb53ed5e021a8039bf478bcb2897c5f4b3dde69c0bc76
9a1afa67d6aa960901e4a86c67717dee103c94a09c544e91a72d41495acb17e4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7ea5ce4e244f14f3fd23b25a6044d6b4efe88a7dfd7f4fbf8993f97a076cf3
9d00c29c4b56c0d9987fbf7e4ef49fc1667bf37996ee3c1151b119f6350abeb1
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
9ff4e089add6873847d959205e74e57b010ed57a628b6456af15a977518c7be1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a4855a9cc4b87d11ad24753af43fd8ac1dc2ed07ef6f7747178373bfcb893c
a2412ea52d14fc60d1c55b9ee25087a89ce6786e865bb21341d7c79ad310ed6f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8311fbae6444b7fa98403009c7b64d088230827f3ed7d262ad744ed8de72876
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab4b98d3fa6b0822ec650975d7baef574e608552e0ee35bab5f28943e56987e2
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae86c739796aff1155e1b441a98aa5cd6c5e5b371b1efbaf4c768eeebd0fb461
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b303ac68b221ba641e9ce908e31b49024646c00a597a199aa053c638f0a4597e
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bf6150148066aa12553cd29bca535fe9a73ddde5e6a893c78effd44a88f59eee
c0883f3b1b0e7e616c54632fbdfbe938f3fecb3ce704695073acf41ef89b6030
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c51a0b32eee4c6e023e7856baf6f96d9aa66c043f47e8684c13eda6acc9cf451
c64439959aebf7d9d92f3e844ca9f699446b6f740efa505d59b67082163a146c
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c8a436827521bf85aa58c412c1de6866c46a5ede0a3b7a4b8a5967704e1e6576
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
cbecda1c7d37d4c0aa5466243bb4a0018c31bf06d74fa7338290dd3068db4fed
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
d26efb0dcc5b153bb38c8600fe0e5c3ed3ee2c8be163e73d30fd99ad691cf010
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d38196a3c2cd9d1b9601c1fad699d624cc566ae8458d5bc8298eac6143af7c6b
d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d83f1e6291342c8f39367f436b0ac18dc60bd1cb3078548f34ccb7da8aad3dbd
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da4c714560d28855fe328ea05399a8198bf43c093dc0978213d9155090a36204
da8b56f178a5cd1feb39c9de26ca7b7e0a4fe07f1b7ca324fc2cfebe27a9d16c
db9725a00f53ca2f3a4140f8cfda2bf9e4dfb7118d1dcf68306fb778469ed729
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df1d8e4b7311af9879283ee395a2993f34ab8b43035d3aa5d62a5b0cbce62ca3
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e2319a986fc47aea041154b6b0d28e5440623d9643a32828621630bbe9fc654e
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e3ac1c955ce288d74dc40d6eea69a1345592ea01c75f2070316559097bb31383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d1a1bd6e0090a11f2dfe2f5525c8789eacced226baaed150624e6f2db69dd9
e5f3e2a16a7b2b8235ecbb5365fa662981d3451bec20e8417c2d9dad6a0de7be
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eebd795fd8d2f0d6bde78e8f24d6c64f2015bd0deeb7720ebd26eb2dda86ac4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb8ec6d8932ffaab54c328356c0485614ce86b945880e0b5a33672773c5398b
f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c
f2df3eeeb8525890c99cfe6ba3159e956ca67d0bf4b49329d1451f5fc5c9d91e
f318022e24717ae3263e0aefbbf4539a12074827b5de921d0c2066154d365871
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f92628b06ad79f2b8b8f3ac4740c3b5ff9295c412d7b86b1710648c72a187a
f7a86f6dd04e0aa36786c8d4d418d19bd848c51634cc8d4d281a3427bfe29797
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa602dbac3c6503fbbb0f38c49a084f016960090e03b8c6e158c7f77a667198d
fac0ea60a1683307dcdff8e8bd3b6f1067146241a76a69160c7a58b47183a271
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fc663fb44a1d85824a7c413c91e26dc204f6c021c4a65b1d70db1fca5117149f

shoot-yalla.to Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

304 Requests

95 %HTTPS

44 %IPv6

58 Domains

87 Subdomains

73 IPs

9 Countries

8573 kBTransfer

18145 kBSize

37 Cookies

6 Outgoing links

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shoot-yalla.to Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

304
Requests

95 %
HTTPS

44 %
IPv6

58
Domains

87
Subdomains

73
IPs

9
Countries

8573 kB
Transfer

18145 kB
Size

37
Cookies

304 HTTP transactions
12 data transactions