URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Submission: On May 07 via manual from TN — Scanned from DE

Summary

This website contacted 86 IPs in 12 countries across 74 domains to perform 507 HTTP transactions. The main IP is 104.21.235.80, located in and belongs to CLOUDFLARENET, US. The main domain is yalla-shoots.tv.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.
This is the only time yalla-shoots.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.235.80 13335 (CLOUDFLAR...)
30 2606:4700::68... 13335 (CLOUDFLAR...)
5 205.185.216.10 20446 (STACKPATH...)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 104.21.87.59 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.233.171 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
38 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
1 3.215.129.161 14618 (AMAZON-AES)
80 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.3 39572 (ADVANCEDH...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 65.9.66.104 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2a04:4e42::485 54113 (FASTLY)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
1 141.95.4.204 16276 (OVH)
1 63.34.201.8 16509 (AMAZON-02)
4 162.19.138.119 16276 (OVH)
1 2 54.76.174.157 16509 (AMAZON-02)
1 8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
17 49 172.217.23.98 15169 (GOOGLE)
5 11 185.80.39.216 27381 (CASALE-MEDIA)
4 7 185.89.210.82 29990 (ASN-APPNEX)
2 35.190.39.111 15169 (GOOGLE)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
35 2a00:1450:400... 15169 (GOOGLE)
1 45.133.44.4 39572 (ADVANCEDH...)
5 2607:f8b0:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.110.156 15169 (GOOGLE)
4 2a0c:5c81:514... 55081 (24SHELLS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:9000:223... 16509 (AMAZON-02)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
1 7 51.89.9.252 16276 (OVH)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 216.52.2.39 30282 (AS-INAPCD...)
3 2a02:2638:d::a 44788 (ASN-CRITE...)
3 147.75.84.158 54825 (PACKET)
1 138.68.128.169 14061 (DIGITALOC...)
6 2a02:2638:3::10 44788 (ASN-CRITE...)
10 172.217.16.194 15169 (GOOGLE)
1 2 37.157.3.29 198622 (ADFORM)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 85.14.248.91 24961 (MYLOC-AS ...)
2 178.250.7.9 44788 (ASN-CRITE...)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
2 2.18.232.99 16625 (AKAMAI-AS)
14 45.84.217.72 212411 (MYWEB)
4 35.244.159.8 15169 (GOOGLE)
1 6 104.102.35.84 16625 (AKAMAI-AS)
1 51.77.64.70 16276 (OVH)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.236.164.132 14618 (AMAZON-AES)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 64.227.64.62 14061 (DIGITALOC...)
3 3 50.31.142.223 22075 (AS-OUTBRAIN)
4 4 54.216.181.39 16509 (AMAZON-02)
1 3.125.250.234 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2.19.229.53 16625 (AKAMAI-AS)
1 35.71.131.137 16509 (AMAZON-02)
1 69.166.1.12 27630 (AS-XFERNET)
1 1 202.241.208.56 4694 (IDCF IDC ...)
2 2 185.29.134.248 30419 (MEDIAMATH...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
2 2 2600:9000:211... 16509 (AMAZON-02)
3 3 76.223.111.18 16509 (AMAZON-02)
1 185.86.139.102 201081 (SMARTADSE...)
1 2.19.229.140 16625 (AKAMAI-AS)
1 141.101.90.96 13335 (CLOUDFLAR...)
1 146.75.118.132 54113 (FASTLY)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 35.227.252.103 15169 (GOOGLE)
2 2 3.65.121.173 16509 (AMAZON-02)
1 70.42.32.95 22075 (AS-OUTBRAIN)
3 4 185.94.180.126 35220 (SPOTX-AMS)
3 3 3.75.62.37 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 3 213.19.147.44 3356 (LEVEL3)
507 86
Apex Domain
Subdomains
Transfer
131 googlesyndication.com
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
712 KB
113 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
bid.g.doubleclick.net — Cisco Umbrella Rank: 769
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 352
612 KB
35 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 292
1 MB
30 demand.supply
live.demand.supply — Cisco Umbrella Rank: 36074
42 KB
16 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
111 KB
14 koora.cloud
a6.koora.cloud
2 MB
14 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 420
mug.criteo.com — Cisco Umbrella Rank: 2760
bidder.criteo.com — Cisco Umbrella Rank: 737
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11241
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15841
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10800
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17514
23 KB
14 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 917
static.adsafeprotected.com — Cisco Umbrella Rank: 632
dt.adsafeprotected.com — Cisco Umbrella Rank: 595
132 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 523
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 444
8 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
496 KB
9 yalla-shoots.tv
yalla-shoots.tv
241 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 456
135 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 650
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9453
345 KB
8 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 105292
adipolo.com — Cisco Umbrella Rank: 93881
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 122143
128 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 753
2 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 211
7 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1267
1 KB
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1460
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3582
odb.outbrain.com — Cisco Umbrella Rank: 3655
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6084
76 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 439
rtb.openx.net — Cisco Umbrella Rank: 1258
905 B
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1747
mp.4dex.io — Cisco Umbrella Rank: 1980
25 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
198 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 9108
1 KB
5 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 116411
19 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 716
2 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2132
1 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 431
19 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
895 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 351
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 773
s.tribalfusion.com — Cisco Umbrella Rank: 1977
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 543
2 KB
3 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2707
310 B
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 926
255 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 608
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 299
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 835
r.turn.com — Cisco Umbrella Rank: 3382
869 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 725
882 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 699
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 479
2 KB
2 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1388
125 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2214
1 KB
2 flashtalking.com
secure.flashtalking.com — Cisco Umbrella Rank: 1972
cdn.flashtalking.com — Cisco Umbrella Rank: 1072
2 MB
2 adform.net
track.adform.net — Cisco Umbrella Rank: 4035
1 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3388
360 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1116
bcp.crwdcntrl.net — Cisco Umbrella Rank: 874
12 KB
2 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 22962
player.avplayer.com — Cisco Umbrella Rank: 15039
61 KB
2 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 97229
servt.modoro360.com — Cisco Umbrella Rank: 111685
7 KB
2 scorarab.com
web-api.scorarab.com — Cisco Umbrella Rank: 301715
27 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1105
576 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1482
586 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 969
402 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 83106
608 B
1 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 9102
464 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 733
45 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1020
1 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 855
498 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
265 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 522
366 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5918
551 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4348
612 B
1 web3-lab.com
us.web3-lab.com — Cisco Umbrella Rank: 144285
721 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5101
317 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10715
1 KB
1 doubleverify.com
vast.doubleverify.com — Cisco Umbrella Rank: 1629
4 KB
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6645
5 KB
1 urekamedia.com
cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 280433
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 157816
15 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2983
2 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3332
2 KB
1 dalbouh.xyz
dalbouh.xyz — Cisco Umbrella Rank: 734692
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
45 KB
1 shoot-yalla.tv
live.shoot-yalla.tv — Cisco Umbrella Rank: 346811
1 KB
507 74
Domain Requested by
80 pagead2.googlesyndication.com securepubads.g.doubleclick.net
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
yalla-shoots.tv
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
49 cm.g.doubleclick.net 17 redirects googleads.g.doubleclick.net
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
41 tpc.googlesyndication.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
yalla-shoots.tv
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
s0.2mdn.net
38 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
jscdn.greeter.me
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
yalla-shoots.tv
www.googletagservices.com
35 s0.2mdn.net yalla-shoots.tv
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
s0.2mdn.net
30 live.demand.supply yalla-shoots.tv
live.demand.supply
client
15 googleads.g.doubleclick.net 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
yalla-shoots.tv
pagead2.googlesyndication.com
14 a6.koora.cloud cdn.jsdelivr.net
10 googleads4.g.doubleclick.net yalla-shoots.tv
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
10 www.googletagservices.com jscdn.greeter.me
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
yalla-shoots.tv
securepubads.g.doubleclick.net
10 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 dt.adsafeprotected.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
9 yalla-shoots.tv yalla-shoots.tv
8 www.google.com 1 redirects yalla-shoots.tv
tpc.googlesyndication.com
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
7 onetag-sys.com 1 redirects player.aplhb.adipolo.com
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 sync.teads.tv 1 redirects googleads.g.doubleclick.net
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
6 imageproxy.eu.criteo.net 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
6 www.gstatic.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
yalla-shoots.tv
6 fonts.googleapis.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
yalla-shoots.tv
s0.2mdn.net
5 fonts.gstatic.com fonts.googleapis.com
5 csi.gstatic.com imasdk.googleapis.com
5 cdn.jsdelivr.net securepubads.g.doubleclick.net
yalla-shoots.tv
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
5 jscdn.greeter.me yalla-shoots.tv
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 match.360yield.com 4 redirects
4 us-u.openx.net googleads.g.doubleclick.net
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 gum.criteo.com 1 redirects static.criteo.net
player.aplhb.adipolo.com
3 ups.analytics.yahoo.com 3 redirects
3 eb2.3lift.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 dclk-match.dotomi.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
3 prebid.a-mo.net player.aplhb.adipolo.com
3 bidder.criteo.com player.aplhb.adipolo.com
3 ap.lijit.com player.aplhb.adipolo.com
3 mp.4dex.io player.aplhb.adipolo.com
3 static.adsafeprotected.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
player.aplhb.adipolo.com
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
2 sync.1rx.io 2 redirects
2 x.bidswitch.net 2 redirects
2 s.ad.smaato.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 a.tribalfusion.com 1 redirects 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
2 sync.mathtag.com 2 redirects
2 widgets.outbrain.com securepubads.g.doubleclick.net
widgets.outbrain.com
2 code.createjs.com s0.2mdn.net
2 match.adsby.bidtheatre.com 2 redirects
2 rtb.fr3.eu.criteo.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
2 cat.fr3.eu.criteo.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
2 track.adform.net 1 redirects 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
2 script.4dex.io player.aplhb.adipolo.com
script.4dex.io
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 imasdk.googleapis.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects yalla-shoots.tv
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static.criteo.net securepubads.g.doubleclick.net
player.aplhb.adipolo.com
2 web-api.scorarab.com yalla-shoots.tv
1 sync.targeting.unrulymedia.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 rtb.openx.net 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 r.turn.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 odb.outbrain.com widgets.outbrain.com
1 portal.o2online.de
1 widget-pixels.outbrain.com yalla-shoots.tv
1 tcheck.outbrainimg.com widgets.outbrain.com
1 ssbsync.smartadserver.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 s.tribalfusion.com
1 tg.socdm.com 1 redirects
1 sync.go.sonobi.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 match.adsrvr.org 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 match.sharethrough.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 fksnk.com 1 redirects
1 us.web3-lab.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 cdn.flashtalking.com
1 secure.flashtalking.com
1 m.exactag.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 rtb.nl3.eu.criteo.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 cat.nl3.eu.criteo.com 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
1 vast.doubleverify.com imasdk.googleapis.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 player.adtelligent.com player.aplhb.adipolo.com
1 mug.criteo.com
1 cdn-adipolo.urekamedia.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 storage.de.cloud.ovh.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 adipolo.com
1 servt.modoro360.com
1 player.avplayer.com tg1.modoro360.com
1 feed.avplayer.com tg1.modoro360.com
1 tg1.modoro360.com yalla-shoots.tv
1 dalbouh.xyz yalla-shoots.tv
1 www.googletagmanager.com yalla-shoots.tv
1 live.shoot-yalla.tv yalla-shoots.tv
507 108
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-01-27 -
2024-01-26
a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2023-02-19 -
2024-02-19
a year crt.sh
greeter.me
E1
2023-04-15 -
2023-07-14
3 months crt.sh
*.shoot-yalla.tv
GTS CA 1P5
2023-03-27 -
2023-06-25
3 months crt.sh
*.scorarab.com
GTS CA 1P5
2023-03-30 -
2023-06-28
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
wl1.aniview.com
R3
2023-05-04 -
2023-08-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.de
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2022-08-08 -
2023-09-08
a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01
2023-02-22 -
2023-05-25
3 months crt.sh
player.aplhb.adipolo.com
R3
2023-03-21 -
2023-06-19
3 months crt.sh
adipolo.com
E1
2023-05-06 -
2023-08-04
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-02-25 -
2023-05-26
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-04-28 -
2023-07-28
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-25 -
2024-01-25
a year crt.sh
*.id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
www.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
1372348363.rsc.contentproxy9.cz
R3
2023-03-23 -
2023-06-21
3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4
2023-03-20 -
2023-06-18
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
player.adtelligent.com
R3
2023-03-22 -
2023-06-20
3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA
2023-04-06 -
2023-07-05
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01
2023-02-24 -
2023-09-04
6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-03-01 -
2023-05-08
2 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.a-mo.net
R3
2023-04-13 -
2023-07-12
3 months crt.sh
vast.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-06-13 -
2023-07-15
a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-26 -
2023-06-29
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-14 -
2023-06-09
3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA
2023-04-03 -
2024-05-03
a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2023-06-25
3 months crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-04 -
2024-05-03
a year crt.sh
a6.koora.cloud
R3
2023-05-03 -
2023-08-01
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
teads.tv
R3
2023-02-21 -
2023-05-22
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-25 -
2023-12-26
a year crt.sh
*.web3-lab.com
GTS CA 1P5
2023-04-01 -
2023-06-30
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-08 -
2024-03-10
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-09 -
2024-02-11
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-02 -
2024-03-02
a year crt.sh
*.portal.o2online.de
R3
2023-03-26 -
2023-06-24
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh

This page contains 48 frames:

Primary Page: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Frame ID: F7CF542F886829ABB9AB10D25F9E4B7E
Requests: 147 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06D97D2224347CBD2918EF75305692DE
Requests: 1 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D542BC9903B5EDE8EDB639146DD6929
Requests: 20 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 09161A5E7EA0FED1BC8404E7A4FFDEDA
Requests: 1 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 726CA8C80B2C4253DFA81EA0E89D8AC0
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwNnF5wEwAQ&v=APEucNUo9MRYpXHErCR1q1TbIbgvolkxoetrzetGkkVwBoNrk8dy0POpuUQMlCRaYTnvpJWLBrxLsmwTOAv6raA9QommLe3lmzWI1Toi_qkPaWP2N8tMCCwTSYVgbmWkeEWIWEXzhWmzY99HqAlWwd58MfJTD9371k3gT7YYC3FpMJ3tX15jsezo9v9MfWM1TJRezr13ekujbjul2cVQO3uR0ooNqS2mxw
Frame ID: B22C0A85ADCE91AD5C0726E51C9AD84F
Requests: 5 HTTP requests in this frame

Frame: https://yalla-shoots.tv/frame.php?ch=diwan_1&p=10&token=NmQ3NDY3MzE2YzZhNjk3ODZkNzkzNDc4NmU3NDc1NzU2ZDc0NzE3YTc1Njg3NjdhNjE2NDY5Nzc2ZDZhNjk3MjZkNmE2MTc5NmQ2MzcwNmE3MjY1NjIzNjZlMzI2NjM1NmU3ODc5N2E2ZTY5NjYzNjZlNzM2ZA==&kt=1683472525
Frame ID: 44B405B26F661AA8466094FDEC3152AE
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYkYPo4gEwAQ&v=APEucNVSWz6pb8gj2ai6cATrL4H7JbtTwj0Zruydl0Q0mI9KxeGYI8VkYnXfOU0lDMWFwcO26bcH5qRSvFADecbm4aVhy6N_H7a3pDJtNSNEtrUMNp0Vz9-NKA4SrhxsaDx9imr0Pi9dbjK5VEIf8Gq9OFcgrI9L5zsQImgDyrY2MnmMWZQ6E7kL1eNO5n98fcsjBKs2pnQ_vzf1mqOIqh9DGlC76wqijw
Frame ID: BBBEFDAE70107847428BFA3213D178CA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4EABB0AC7E62E2B858ECA51D63E538B9
Requests: 26 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39A77558E60206252E5B0B8C7C6A40FA
Requests: 39 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Frame ID: ABF63744329C35CFDCFB0CAC7DA822FD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69CC095C459875B7014D703C1641E57C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7321BF54969F23AC81C0B3E5A676D5CF
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3BEF82BAB92443C76650327E9F6FEC29
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
Frame ID: 15D8F1B8256EE2B41BBAB9B097B9845A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E64A86F45083233D8E4E26D198EECAB
Requests: 3 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 754B278FE128AFB21E1BF9FA394EBE98
Requests: 1 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA2C6822615071A5294C06B855C5D6F1
Requests: 5 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B621C7B21C54384297A878889180AC34
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUFEMwqdfbCugu_nc8subefW3nciIeNbHcTa-W83ZqJFEKa1cm4xHn_sWw5jSJWM31KsfYV3DScfl3lJc0MPMMr6aH1mYzmr_7W6uizfnSwyOWole5C-4rIcVCckuN6XGj6KlCoASsWK0IScQ8bQGwfgBeJc_3YgZJbGbVpoBUBF31byrDZiAvAPBPt8WKtGZDN04n58c3Q-aF41BoqqIk7xA3etA
Frame ID: AE8745A5B08ED955AFA9C27BB0636306
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E248F565DA5B0FC31C88B7519F07BB99
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B995B6AA0BB099DEAA4F2FC62C57091
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 37EF7BF78832BA8CA952478590F69CEC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNUaT1laOPTw_A-VuKF3SKlQY9hjjEG4jSRuAVv4tn5ymI_XrKCdNn8I0Pb9ixr_E3btIrLb_cA-eDwVr86foeK7YrA7HxSwdLm0h8do35Qjf14We74Gyp9NNCkL6WhTHetvLd8ZG8SDZ8krS226J5T2VzkWv67ygoX1Bb2Pwu74fYo12H0
Frame ID: F74C031DE3565A1E1C9B98901E84C87D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C6D1808FB325AF1A2F55F948E46D4748
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F9838AA48656A7A4D28245831A8ED836
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B16E8A3D2B725C4194D1C196C5B54102
Requests: 9 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F91BE3EF12C43296C093497F6FA2E651
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY6KCg5QEwAQ&v=APEucNUpnxb6u3h25pQxOo18JKKDyoDVXWhk0qAAg2T08yAs_6BUnRc4Xg9aPUAkluON8PvjfjhSgf197lLXHDMEiR_lnU6dy3OLMS_JsqXa5jM3rXgfFrKPNsUdwGmNnNQh331ftAEmUILH_kNzu7LrNNt2Jx1SjIVJ7taqC0Hk25nksXiDsYw
Frame ID: 00B79D1AD4451C82C53A562A4DD1F1FC
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
Frame ID: 476548EBFF453D84140C4AF93D554B75
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.html
Frame ID: 99DD8D57A1078956DEFA3215BA311510
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5E35FA87091272EE2DCE01ADA1F2990
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 875328279092E9B16D5C4D4738230630
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuj74haCtWxPFiyIrfSdffEwBshc55moQ-UFXGE8IeKjNbQlDII0xb0K7X-6fnNYhLxMkVSFNg4aTI8PBT6m17FvC3PbR0coD7fQE9f8CIEk52iwljj4qSYZu3k630jXNkla2qatsnZ0GqtJKX9dWcCYt16KBmH4e2oxwcfktXy9GEw2o3jpXlJbigoJ7-7q38-i4Qo8zBhA35pD69ammjwlN3sPSZ0Ny-1e5OXRN6HthoDExgJVDVLDAryhGxeUpHRuubuJHefyHnZIrORFVNnxDK7UdQOiKObr0b3DdASByiW0QE0J1Ah-mXtEV3vwGgIfi0zrrGaQkS8SPmc&sai=AMfl-YQ1_U4hFgjHr_W5pWEMGgzxopwDe9QGaC6kQZOk2GotBh_YGVuZfI_X09G903rwPY29Hr0Okx8ZkeaIFmW53UtvtCzoZn48Bo_lZ4kqNMjQuq_6DCOCoDDyt9pmJyc&sig=Cg0ArKJSzMf6Tbv3JzI2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7500634C922876514464CC09C79C78BD
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E570A192F91F944A35C539E410FEB413
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 115F86DFCC64A1A48AA971F136BC0369
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
Frame ID: 6FA05761B316E2F7AE7D56D2CCF5C02E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90DB00209AE6A0980A0189EFBF6243C1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CC09B9C7CE3172D3882966E0BB04198
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Frame ID: F1150A934C4F5B00F908BDFEDEF313C4
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 7D5C0019575527298EECFCDBE7C1CB7F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1683472527074
Frame ID: 99E2270FAAEBD10A942E762FA95E07C5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1683472528372&gdpr=0
Frame ID: EF9B275C139922879398D43DD320153B
Requests: 1 HTTP requests in this frame

Frame: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72E37067A5B8EA65210B92A9F127C7E8
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNVmYR1XM6i2LU345nw5qzQtiHWn63uyv4mLkDNADShkDWwaGR_L_GmCUKavQ0trGd5QLUdQBDmvPgbPK_PT5efHtuTdCfjI1KjlTo6FgqfeErX3laW6lvYSMuKALlVqTbn5_pmrtLEYm7FeCXEB-c3bR-k17LbwO-x30nZPauLHB2Fp3lw
Frame ID: A2922F1CAB1D45123D56A2722D262BED
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.html
Frame ID: 2E03008E7ADF6F8900662BEC86D65C87
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D73CE832141FA681BC5B6E02C3DA75F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 11228FEF3DAABD364D4F26687F527692
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

بث مباشر لمباراة النجم الساحلي و اتحاد بن قردان - البطولة التونسية - 2023-05-07

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

507
Requests

90 %
HTTPS

40 %
IPv6

74
Domains

108
Subdomains

86
IPs

12
Countries

8580 kB
Transfer

16336 kB
Size

50
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCBqDmDiTvzlQwfM7BMKXA&google_cver=1
Request Chain 114
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFfAjoiH5EY1-Mh6.yYiOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
Request Chain 126
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFfAjoiH5EY1-Mh6.yYiOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
Request Chain 128
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Request Chain 147
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6K73IXxsenh5ekdEbDkySHRuOXdFM2ZOejlSejdDdC82cFNtdUFSZFJvWGlNRGp5YUtrdnVOQ0E2S0hmWXF5V2ZLbTZWUGhPQ0JYenM5eXphQko5TUpzdXBWL2d6S25KSzBzSjFtSUlaSjVQaERuNWoza3NhNEZ3N2NQbWRHSytZTDNOT2hURHNHRnVPUTVKb25sSXk3WDNYQ0QxOW5aaTlkN1kwaWJHRXNxRVZJNTI5YXZMUmdqVTVGNTBXaW9TN1lleTRYb3JQTEN4Sm91amoyc1B5d3BwM3YzR0RISkdWR0dabkpRdyttcDR0V3VneVdTVUI4ZnZFZzlvVjFIanduRXNJMGg4RG5ZenRPZHdsalR6K2lYYjlpQT09fA&cppv=2
Request Chain 169
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70223937/xbbe/creative/adj?p=APEucNVLKfO3C6H8Rt9Tnf2lHHPBABM-xjdz1EM6t-uhwpwWKiMNhiA&d=CokBAKAmf-DYR3Ou9uc6qZqFAessGSQ-m_1BSLBc0aFhZVGLHKaqUcpcfMV9gm-Kjs3wnC4b4mIOI_cOVtQbHTB9P3FRRrAwxAfex43Wa5timzDKhI1Yp-EqK6Xb737GVHDBnew-OVH-dR4oe2zS4pGjzBa2QCQm7yuaVTy2S2RRY8TbNYeyzhocwU8SiRYAoCZ_4BBFDTmFsB8O1TMVfb8zOhtWerg9bNjMD_xws1Oj3bXiadd6R028s4SRX-VYnarBYiW23MXOOewJA2rahXkvh_mXaxlUoycx5jofDXt6x9Optjyn0FvIvKkjFkUjNpE8QEeho7oxQ5oUKXlQZzzIxpFO_SZDqUjjbsZA6uC2NERy8LzBTrkRMU7sIWWIfiwH1Xk33xmL8Sk8wluA0alcOYBKo4L001bDgrRO7J_Qxxv0zKAikViAFPw6eDlOO4ON9fD-raJOoJluV-krR1R97Ra7jUgb2O6CQBvoBRTxJBiEVIeZppLMXP9UPhiG4A0NUYmR_WKnm-dMnULwTi2kuI7KOobhbf7UqwAdvTGgO9Q6yYc739sYDW1AVzVa2YhdKkrk1CsSwfMIf1oVmOb1Vs19QfU_yrKPwIHVjU62EYqRs7vreI6UuURXR0LcSJTkO3aUmp6vGmPRJ1fNX6hCGxPB5nQuERTDnZ9LTSDZ_gD__ve6ZOL1sM2x5jC1e-O3CyCANDL6nTLSgBAeUwGuXWSyAdFnensMkC0s4REqHPvxKvOR9kixQZPECaVfJuwXahME5F40GxqwaXDjKmWk3o9IGuSXTbdUbz_B9mH5pGc76WR-KIogy-2OsvOzeQJ1T6Qhl5F9iur_fccEQanDWtNOKewHugLsIp-CZMMaVTdXLSdZYjojZwIvFBiRe94o4OLTdqu43OPPg8qK6mk7HmVEH0zORtQlSjbzpc3c9Omtf6cVjm5E3QDt6Gp4Iqahyu2Ibo6UAbS9Pf2_tUnEy5Dk0OnsDuEjDEAUfzutV_01GQ7uvutU8RZwI59eKy4B5ngKNvsJznrrDAzGuYEet0yZjWl0RRcygtTT7c68a_-gqSqyIKN0Qzd9Zd1J4cISB-nEw-ZTJ8tTp27KrCvg7zArm0RyulrDWbGA-UzQm1YOqOYqQWVRLXBtLbVgnHcQ5ZT41H0P4T-S2_0-fXDfReMutjFGI2nw4sJl_EZAbumGqyBJZBSUBxd5mlp7PRgY3oqSKE9rM8CXCHRlOIHZuKfzLbc1XdyEjAh5agiuSSHPKHCT80cQxWNKmBD2ZG16B0PAjbk0qxCGAt5AVRDXNbBQSm5W5BztxSsWzZL7FejkjrpKnxxjRVUilCXmY3_LeM1SvvEqlbhsvedBDflPK0EwnSOgeFT1UqAccy8X-qLRKuUmOYadWRu4a5ACNlbdrMm0Y28O9BNZhtxYu6X6oFmArSfNUABtb5NF286uHmVaNpb1YGs3DyxNtFn3TxC44ULIr6DeanEpAT01jbUTvq_Esnq5Rk9rizm2U8mMnuoEKi-jeToZQ72DjxaoczCOOAmVL8h-UcZRzPi9XhSrbE6QDt3pLVJMMMQy9EcEPF2oYfBWCK8Dj9JE-R9U8jAKkE_6nfR68PJIDOaTzeM6o7wYh0tz0vVUXcd5at89wAhaoanKfGMPL0Ke_a2TRD_ZK8cd5HbEBXZVf35Fb19HlEXKQgTdoeXM8yB246-GSDLTaY91sEijb7A-fqE1Gjn46EWcOnVhRIW4uAp3Dq9jrvNXPbiARd0aLSW6KR3E-QV2dNXiGi4sKyG_eSylP1GAfrPGL3EKfEIeBF7My9EsVJalLYqzVyvEdU7DUJSshd5Squyi-Sk4FMCj3NnJvhZhM4BUWNWBtvz7AMxycC83f8U5loAKjmAghkhO9mYniwck0LMpomRgCHKZoCncvAneqi_i8GcTigTrjRMDGIAUszkCiNg9gUp5E_IcgTGHIov3JfCndY6LvX2flQd2x4fWwp1l_D1V_yjdTyoXKzP9EAqWeYmPJotHTnBrqdt5A-qpDhmV3WcsHiRZ7gN3FZWjG4j07w_mGto56Qnya83XjzoBhTwP6nJK5KaHe5Jkz7sM57He2n4pObVN2bahT6_TVLi9W-0fadeLQdFCAwXdFRCbN5VM8L9XoR_DWSrEVrVe44fhdguA2mzelSNtsX4Hmi8EKznV1fsaiR5X_AesAjUwJoaQ-WYyCzcv-38VjvW4AjCpzDQPGK86QiWL8YEfujtCBWF0kKPoSRih7KAwTYq7FXq2HZnpXf-vmxw_DrDLMFl47vTZK_bUSXyvJIe7G2Bzo4TFpLMg31yVDqnLcne8jiWXyRN8ZLMb3O6MUN_h3EEcu9XJ310PlJj_v5iLnojYopyiKxDFpCgxn8lhD-x_--h_BH5MG9OHHHiu147XJPadyNj8Swk7TRSLrKWCqLXUpyd_kOUxsgQUNys66uiPxHCr-X5NWEMIk5bHETaFp6_uEvBuWdqloBgdIRqvNtv_HTQZYR7JYxGWdPQTXxMcWWJxKWCnfMwxd2n7RMD8Lo2vUhtXeQpI92wcAw-CwPSmge4xkPQy5gbuaIXQiMHaqfhKRfb4Bq4VRaDwLAFi-FliczQkU_UtzcyIRWovnTkBUi6zNDYbgdHtm124PMKRboX3N6MbvSbE7WGUTwhar2WtUdrv_GFiBHi72tmSVGYyfKGTdkBYeUE1YxAFN9PwoFsQLM1cyy-yoYUE0QHcP6lQWot5WOzJmsxhXzmV7aC6EXCjTn0HcgeTR7BSgFkhXeQQVFoW51FDZor1T-9nUajXsM2x1g1-5rZZBB6vwYjDgtlx3R5DJ5IQGETIvIdp45-0UPW3obri3CkW5pGwUMRegtnJtDuQ-iBM2DlfmzQOXgzdC2XA2FEgSPDus3Grs2LgKqG18p3tgoLl2NQjlf9sD4X0ac7hh_zEY7YuftMtsbQKIbPJ5lUD2zTQGFXVDyRHYW0Tkyz9eZSdWgnqRSEtwTR42Sc-dUXN-HeRu8qWNdXt2DgyWOphckULi4EI_eNr5OlC6WVRcr0pQgOeJVBhamB7tqKMAHDbbKXiOgS-b1zgJKLVNikgO9unKDD0DKLP48MotM6cjMceIsEgKMcfVjhiGIoO11wHk2lhTwLJ8pCin23VzjzMrlHAVDnzhXDiYUqaNocMSwt5uu0HCAdTRq3y8CIu3u_-h6lsGgRMOCI13Q3EOf2TZEo61LpxMFp3OizXBSibvTedC3xoa21GvcbMVOyLUyWvrhpPo2fWXVuVp86RZT-7P-Ih70ORXCjHMtiEOdpiST5m2Foeft3_2N6ZYeQ9q0fzHCzsiWer_lDgsWryYzIrqCyzMG7lwtV0itVIiaXz7F_FsskKp2kERRhzRWl7G20m1HoLGHNe5NohyA9adFDOIh6HFCYSMYiUbiWrQ70M-0LcKgFAe-gIAIQv-uaL3Vwx3ekXtGH70s3KYZAT4HorjWoBvIH3wrZ0zkgp4HeeWuH0UnalNg1PrLb-umD0COBD5eY-zjoIiiJysBwosGIC3IFttdy34adPha3Du7u17Q6M019aeahWSyNAZNEDZa-QL4eHrQXAPkIhPqe8QmbPdJoSxezfEm-edJOcLvC2HiEBaZTN7xxbv0sEp7GGk5mXB3kzwyJWAW9SvV3lUyWuW5pV0itoC00hWoHZbvoAnEIYiMt07NrYxLmUjiVLTv3R9wxYQdvSnxBhVas087Cq9OpxXeCwZwQzpYw7o0c6PGWx_2dvHGb2LiCQKHWoyjkmgffmHmz6CL1EUpkcXi3MSlpthZobrwNmoDl25uqPeq48pXFT-Z9jQInOlAIhGp9gW0bwbAnuzCazjOuV0f_exNES8GPyTE_G7WXzql1ouikFtKGO5vSZz9IjYCLdaiFDHTpPjSaWf-6XUEzuIPaz3A3_PHCKb87CMvkU-tdufmsq9fgTkOjP9hpECAQSPgBygQiD7tQ4j5N3su8Fdei-E_uF2WlX_1tCcyr083Sh9g8bohwo4C65Zp3WSPPonKNf9mNyS8LYL-VW-fSvGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19782080816&bidurl=https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hclMDGgv1BOeJ9zrwrujj4&adsafe_url=https%3A%2F%2Fyalla-shoots.tv&adsafe_type=g&adsafe_url=https%3A%2F%2Fyalla-shoots.tv%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:cead81d1-85cc-ee06-54e2-42282597fd5e,c:bWsGRX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d854c4bd6-tnqrk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:28,oid:fea4ed9a-ece9-11ed-9b71-de436932890a,v:19.8.407,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_970x250.js
Request Chain 196
  • https://track.adform.net/adfserve/?bn=64078053;1x1inv=1;srctype=3;ord=613056621 HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=64078053;1x1inv=1;srctype=3;ord=613056621
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFfAjoiH5EY1-Mh6.yYiOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
Request Chain 278
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
Request Chain 332
  • https://fksnk.com/cs/google?google_gid=CAESEP9GXy62XPomT6JzOBwZf2I&google_cver=1&google_push=ATf1kGNMOlwZ_DcA32K9KV0Itiq1o0umWdRb-NTb7HL4hyJ1a118sVc5ejOmkE8LM_rWJm5d-ntkiWYQC5sx5wkRZ-amfSrn2Co HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0M2MTI2QjM1NjdGRDhEMQ==
Request Chain 333
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENHUBmNIpy_Lo7_SfGkwrf4&google_cver=1&google_push=ATf1kGOnuOqMYSV8A9lGcyjvemPWM1bi9hDC1RzsemFJiRZhwL1XA_we0RdvU4gQnEJIEKqFKd58A4p5wzTWi7uuQQ1QtYyuXA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yCaXNk7FRligDtlxOG1aIQ2&google_push=ATf1kGOnuOqMYSV8A9lGcyjvemPWM1bi9hDC1RzsemFJiRZhwL1XA_we0RdvU4gQnEJIEKqFKd58A4p5wzTWi7uuQQ1QtYyuXA
Request Chain 334
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_fmyvmu-MQwoSUfQfl-SU&google_cver=1&google_push=ATf1kGNYPsMoGFORpKs4roKZ-zYs_ZdQlvTQI2gTKWmTUJjHIuw2xF_1OXPhcrDi1O6naUk7LC_bvuZHYE4q0VNu41g4SHsJH6c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNYPsMoGFORpKs4roKZ-zYs_ZdQlvTQI2gTKWmTUJjHIuw2xF_1OXPhcrDi1O6naUk7LC_bvuZHYE4q0VNu41g4SHsJH6c
Request Chain 335
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENba0PUp1UD-6swQi4-o6iE&google_cver=1&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1IUgyao5jCLqwUo HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENba0PUp1UD-6swQi4-o6iE&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1IUgyao5jCLqwUo&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1IUgyao5jCLqwUo&google_hm=SXNaaWJWWU9tZW9LYkNtZGdLMms=
Request Chain 336
  • https://match.360yield.com/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw5OosLWhM-9A HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw5OosLWhM-9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw5OosLWhM-9A
Request Chain 340
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
Request Chain 379
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_fmyvmu-MQwoSUfQfl-SU&google_cver=1&google_push=ATf1kGNWd7ReSkfp1c0rNiisRVssiVpD_PFl00vc6QC9-MA74nynTTV6LmUtVWkMAjBC0iLBNPiP1ZcdP0nvQuJFY5P3y8ouJteENkJK7nh7sDJ82jfOsbGoM7gNCjON6dSvkXSNl9sAMus HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNWd7ReSkfp1c0rNiisRVssiVpD_PFl00vc6QC9-MA74nynTTV6LmUtVWkMAjBC0iLBNPiP1ZcdP0nvQuJFY5P3y8ouJteENkJK7nh7sDJ82jfOsbGoM7gNCjON6dSvkXSNl9sAMus
Request Chain 381
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFGK5-71Qya-tEno1a81uxI&google_cver=1&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTVlyQ5QZjR907zivelWdS65tXJaorX80LXpEh565mo41JKCQ17yr_0F42j3a1D6i517tD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTVlyQ5QZjR907zivelWdS65tXJaorX80LXpEh565mo41JKCQ17yr_0F42j3a1D6i517tD&google_hm=WkZmQWtjQ281dWdBQUwxU2suMEFBQUFB
Request Chain 382
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKw9Va674s79Xfsb-I84Ep8&google_cver=1&google_push=ATf1kGOYXwP_zyhiwHcyzTMyhttoSV6rEwNhe4NZ3E0QLd0s9CyZFUa5Hs9Z60RkrF_gZv2pEQfPjqm66vKh8I5wbkVklle88yOkxrKlOM1b3lYzwOh4JeYM3cs37GKvxwp89JqR6JZ-sTr0MA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOYXwP_zyhiwHcyzTMyhttoSV6rEwNhe4NZ3E0QLd0s9CyZFUa5Hs9Z60RkrF_gZv2pEQfPjqm66vKh8I5wbkVklle88yOkxrKlOM1b3lYzwOh4JeYM3cs37GKvxwp89JqR6JZ-sTr0MA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 383
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEA6X5SFzbfHRGqwEQIMgAMM&google_cver=1&google_push=ATf1kGMTjiEmT8niGgfuhxOKZex_hPrji_dIg44_hritK7Pp7yah5AQnFYXiVTgm9UcADY_hktaGgRiLy4iL3Zce2OnbgIzS7NFQzC7PRjA68mK4_0ft3LXqRDkgm9P5Ml7yTaSGu-ksTTIipg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMTjiEmT8niGgfuhxOKZex_hPrji_dIg44_hritK7Pp7yah5AQnFYXiVTgm9UcADY_hktaGgRiLy4iL3Zce2OnbgIzS7NFQzC7PRjA68mK4_0ft3LXqRDkgm9P5Ml7yTaSGu-ksTTIipg&google_hm=SXNaaWJWWU9tZW9LYkNtZGdLMms=
Request Chain 391
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJWHJ0f_3kDNBTv6wkMYN-Q&google_cver=1&google_push=ATf1kGOB7BJvA6FzyTCNHFgFuUbtxONmLzseieXs87xls9g6sZ6_W_gF0etI_dry_fWJvosY8dxZWlbldEny39uDXV1QjV9zX0Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOB7BJvA6FzyTCNHFgFuUbtxONmLzseieXs87xls9g6sZ6_W_gF0etI_dry_fWJvosY8dxZWlbldEny39uDXV1QjV9zX0Y
Request Chain 392
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 393
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC-2Nl9MaPT7FoT1n0bDNco&google_cver=1&google_push=ATf1kGPkuj4TNS_U4LKP1LXkmqThXPjHzs7W-ywzC0j3UtoJaZT8zSDg3GNE9sQ-Rc_PPEH5-oVnQVceYYpyt6WlCNIhQfM-Yk8 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC-2Nl9MaPT7FoT1n0bDNco&google_cver=1&google_push=ATf1kGPkuj4TNS_U4LKP1LXkmqThXPjHzs7W-ywzC0j3UtoJaZT8zSDg3GNE9sQ-Rc_PPEH5-oVnQVceYYpyt6WlCNIhQfM-Yk8&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JeidWJq0Q-Cs1JvmNDOkUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPkuj4TNS_U4LKP1LXkmqThXPjHzs7W-ywzC0j3UtoJaZT8zSDg3GNE9sQ-Rc_PPEH5-oVnQVceYYpyt6WlCNIhQfM-Yk8
Request Chain 394
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFMYAQ7b4jlJgTg20kZWNCI&google_cver=1&google_push=ATf1kGPlLzuBJEulvFopEzGDTpGwnQwNZklKGAzS1a6PwzvChxMHjUarKccV5sPgBUrmS9haWrhrD5IIp8OMAGiEALY_c-XsM5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPlLzuBJEulvFopEzGDTpGwnQwNZklKGAzS1a6PwzvChxMHjUarKccV5sPgBUrmS9haWrhrD5IIp8OMAGiEALY_c-XsM5w
Request Chain 395
  • https://match.360yield.com/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGOo6XsnMpu72J5GWvD7NXqySCSA_Q6UYMTxNYGrWF49nAAcNv3fAW4_FSY2wFzdDm8Qk0Wk07x4W9BGDfZFHKSFB1JAnKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOo6XsnMpu72J5GWvD7NXqySCSA_Q6UYMTxNYGrWF49nAAcNv3fAW4_FSY2wFzdDm8Qk0Wk07x4W9BGDfZFHKSFB1JAnKI
Request Chain 396
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFLIVKh1Ct0tii3KVcKcLbE&google_cver=1&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o&google_gid=CAESEFLIVKh1Ct0tii3KVcKcLbE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o
Request Chain 427
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIbI_mAAbAgf2fuU_xec1kQ&google_cver=1&google_push=ATf1kGO6T4H4qmLW3TwNKHBQihj-SSIpRLa_M0Mx0fzFnWBsZ1LCGBoViX-7nWlCwP7aYRKBz9BSutMDSmf05HslaVlP8rX1rBMYHA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxMjUxNDE3NDEyODQ4MjU0NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIbI_mAAbAgf2fuU_xec1kQ&google_cver=1
Request Chain 428
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJWHJ0f_3kDNBTv6wkMYN-Q&google_cver=1&google_push=ATf1kGNWqKcIN71iLRx1c_qVBW0ANX7wGVFPhpYFGMCgp6kzhiVcib3TdpjJdEDxRdglh6Aaf9azEfEuE8X8Z2j73IPP4nsbX-p1NQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4dxkV8CRQgCzapZb7jZVgA&google_push=ATf1kGNWqKcIN71iLRx1c_qVBW0ANX7wGVFPhpYFGMCgp6kzhiVcib3TdpjJdEDxRdglh6Aaf9azEfEuE8X8Z2j73IPP4nsbX-p1NQ
Request Chain 430
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFMYAQ7b4jlJgTg20kZWNCI&google_cver=1&google_push=ATf1kGOAMqj0FpyZh_K2quTqBY9yw-n_j4fL0OIEzr9FTMEO2tjAL9rag1tdePm2KXOgrcxVUfreISPNgBZX3xQKUKTbr17Dbc03_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOAMqj0FpyZh_K2quTqBY9yw-n_j4fL0OIEzr9FTMEO2tjAL9rag1tdePm2KXOgrcxVUfreISPNgBZX3xQKUKTbr17Dbc03_w
Request Chain 431
  • https://match.360yield.com/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGMwhD7ScKkFMbS84hn2eH45hDOJmvqislmSH1jvh7uRpS2mnbnfX6n_kl0YlE83Rs4Pj2ZZmxfmL3MwhtfPPxkOU8GPBBXtpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGMwhD7ScKkFMbS84hn2eH45hDOJmvqislmSH1jvh7uRpS2mnbnfX6n_kl0YlE83Rs4Pj2ZZmxfmL3MwhtfPPxkOU8GPBBXtpg
Request Chain 432
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFEsKN0zDW-HWuON0bQUXIU&google_cver=1&google_push=ATf1kGMtvOUxeyN7uYLtl13P4krVFu8Udnc7_KTFLXaJY6GxjwBMxr2CksW8h5UwBlM3B8u24RdmKN4cyhmqaP8k5DH87B97LkqrTg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMtvOUxeyN7uYLtl13P4krVFu8Udnc7_KTFLXaJY6GxjwBMxr2CksW8h5UwBlM3B8u24RdmKN4cyhmqaP8k5DH87B97LkqrTg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 433
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELfqJSGjfOyk8kF7Z7OpPZo&google_cver=1&google_push=ATf1kGNvEDYIcE3Jp8Uv5C2Dhm277SvmfIphPxYB6N5SIywexqMkaD0zZfF_KqGOLznFb2wLhKe54VVRQiCqNedJ5czG7ua2-FZ17hU HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELfqJSGjfOyk8kF7Z7OpPZo&google_cver=1&google_push=ATf1kGNvEDYIcE3Jp8Uv5C2Dhm277SvmfIphPxYB6N5SIywexqMkaD0zZfF_KqGOLznFb2wLhKe54VVRQiCqNedJ5czG7ua2-FZ17hU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e77d0735-1c9b-4836-8451-97c7da07e83b&%%GOOGLE_PUSH_PAIR%%
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF6xYnZXC6diJK8jvCWwXiE&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF6xYnZXC6diJK8jvCWwXiE&google_cver=1&__user_check__=1&sync_id=019bd2c3-ecea-11ed-8db5-1ac857eb0506
Request Chain 485
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=01986bac-ecea-11ed-b944-1a7cb9e30406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDE5ODZiNjctZWNlYS0xMWVkLWI5NDQtMWE3Y2I5ZTMwNDA2
Request Chain 486
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IZ2FPNDQ1RTJ1RWlzUWV4UGNVZ0FrNXVCZzB6dXJfSn5B
Request Chain 504
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG1ViJXqvKPcoEQyjP7I-9M&google_cver=1&google_push=ATf1kGMHR4abukseV8bAWqMF93TS98wo8pEZ5AccIaU7nyRFGXamrzbUBBnNw8KDGknhQCStp0RPrPGYrXRr5Es33ccoUe-Fn3O75A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDQ1OTQ2NDM4NDMxMzQ4NA%3D%3D&google_push=ATf1kGMHR4abukseV8bAWqMF93TS98wo8pEZ5AccIaU7nyRFGXamrzbUBBnNw8KDGknhQCStp0RPrPGYrXRr5Es33ccoUe-Fn3O75A
Request Chain 505
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMGtf17Sb2mAY615sLgBLho&google_cver=1&google_push=ATf1kGO4jP9dq_949OJWvpt4PRc-kFOSU6vYOxjudaZGZIW_FzmRR8-0XXrV9SHYBeZTn3o99Rw3qzONEXpYiS3JwKFn5QRJodEtRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMGtf17Sb2mAY615sLgBLho&google_hm=ZFfAjoiH5EY1_Mh6-yYiOwAADLYAAAAB&google_nid=index&google_push=ATf1kGO4jP9dq_949OJWvpt4PRc-kFOSU6vYOxjudaZGZIW_FzmRR8-0XXrV9SHYBeZTn3o99Rw3qzONEXpYiS3JwKFn5QRJodEtRg
Request Chain 506
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOc_oZfHZFjhtY3l1JCfoRg&google_cver=1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1683472531747 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81c75305-7c68-4154-8f81-e1734163eacb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ%26google_hm%3DA4HHUwV8aEFUj4Hhc0Fj6ss HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ&google_hm=A4HHUwV8aEFUj4Hhc0Fj6ss
Request Chain 507
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFLIVKh1Ct0tii3KVcKcLbE&google_cver=1&google_push=ATf1kGMMrsUd4vHY1BTX5Erj15thww7g9rONVhMBveU7G-HzMS59Yln8MT04jgpAwSq12LM0vIoLbJ7EUpbU_kvYGH4QkGxBxVQJZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMMrsUd4vHY1BTX5Erj15thww7g9rONVhMBveU7G-HzMS59Yln8MT04jgpAwSq12LM0vIoLbJ7EUpbU_kvYGH4QkGxBxVQJZg
Request Chain 508
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOm2nPimkd3hHqolb9nRcDY&google_cver=1&google_push=ATf1kGNrEaWRc4PVo4FCeDCOPjal6LRCgQc0u5JHQyPwV283S20BLdZzvc8-Y32xzK4Umx9wkayEs6oST4itX-Sj2gke8-ih3ZCtayY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uV0dfNjhWRTJ1RnMyNUZBUlhMX0R5R1B1eHJzOWVFWH5B&google_push=ATf1kGNrEaWRc4PVo4FCeDCOPjal6LRCgQc0u5JHQyPwV283S20BLdZzvc8-Y32xzK4Umx9wkayEs6oST4itX-Sj2gke8-ih3ZCtayY

507 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
190 KB
60 KB
Document
General
Full URL
https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5389ee6c23764f5f70faabd4034a080a81b890617b6cf227def4ffb797e558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7c3a6b0d5de2994b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 15:15:24 GMT
expires
Sun, 07 May 2023 15:16:24 GMT
feature-policy
microphone none;camera none;geolocation none;
last-modified
Sun, 07 May 2023 15:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbl23IiMuLoYeI2bJuGiZWIwr6i0QrGjWHm39U2BE5PUp4jXBNcedhpM%2F9zisCaiQ6FwHOVyjRKrH8e%2BodQunNPDlRs6uAcnLjyLAxwE74BX0sBYvCi%2FQw0uzySZbBZ9Uck%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
up.js
live.demand.supply/
5 KB
3 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d0ac3a79e82819b13b54683f227018039d1b556844941c9c1977edc727bb67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GZPW15EYA0Z0CT0XATKXX82B
date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
cf-cache-status
HIT
age
41
cf-polished
origSize=4391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"0fecf0b28f515b77d7e8cc01e461c899-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7c3a6b10d9b33638-FRA
link
<https://live.demand.supply/impl.v16.9.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script
timing-allow-origin
*
A-letterbigger_Savir.png
jscdn.greeter.me/
945 B
1 KB
Image
General
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000622e5b5f-006457be00-9620c93c-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1683472524.dop110.am5.t,1683472524.cds234.am5.hn,1683472524.cds320.am5.c
content-type
image/png
cache-control
max-age=2948
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
yalla-shoot.png
yalla-shoots.tv/uploads/logo/
6 KB
7 KB
Image
General
Full URL
https://yalla-shoots.tv/uploads/logo/yalla-shoot.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1629537
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:22:27 GMT
server
cloudflare
etag
"62db4d53-18d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neAkiEAfUp%2BSwOCVDMW4WI90LeI3QPLiq37Rli7%2FyvGzL8Wdd8PxancMOzRFcQc9QHGBuDOYPZZbAg2hWXIYa29gt4xtbdt7gFkxCUdV4fyAXQB%2F17hTBkS8HvS%2BOkeFzjM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7c3a6b1099c7994b-FRA
expires
Thu, 18 May 2023 18:36:27 GMT
NeoSansArabic.woff
yalla-shoots.tv/assets/fonts/
56 KB
56 KB
Font
General
Full URL
https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Origin
https://yalla-shoots.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1629575
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57364
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:21:21 GMT
server
cloudflare
etag
"62db4d11-e014"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xqkafQbxsso0Fz49wUnaDZ70tETa%2FTPzZR03dvq1u45vihaKApzbobTPeEnDd4sNukeUqAJ%2FWmpL%2BzznA5GCOMAEE2cXwr0Zqb10bxm4nMnHIe%2BEqMctj%2B7WkQjuf4ygRM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7c3a6b10a9d1994b-FRA
expires
Thu, 18 May 2023 18:35:49 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"644bd41c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQtxUG2I032N7BnjhVligyjqEAgOSs4yW6uJxmfMV9S5j%2FmTqGwwQL0OxVEjMZS7QvKLDLOYmpNCQExpi0938VYcKRcN3BAMogZvlpw68NjKp8KSwRhJo7vwWZIR%2Fhqudcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c3a6b10b9e5994b-FRA
expires
Tue, 09 May 2023 15:15:24 GMT
truncated
/
451 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
944 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
248 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
460 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
500 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
telegram.svg
live.shoot-yalla.tv/uploads/img/
1 KB
1 KB
Image
General
Full URL
https://live.shoot-yalla.tv/uploads/img/telegram.svg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1629602
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Tjv004MMCIDkVym8OqDyDivx23Ia6qeRLLY5YhirNMUuEOunqkyE0qEbE9OzvzY%2BB4Cb2mykULudshirOE7FuHTz8sYr6hoIoYnNkL9oQWKItsc7TVhJyW0QlDUn%2F%2Fusy3MkcqR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7c3a6b110ffb9a3f-FRA
expires
Thu, 18 May 2023 18:35:22 GMT
1557008660.png
web-api.scorarab.com/uploads/team/
16 KB
17 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1557008660.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f981cd0c42bb4a1b60734d0d38d3e0cbbc63252b92a7b93427c85d9fbbbfb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
147749
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16823
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-41b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOy%2Bm7Of2i3AsDgPfbJ2Dx3AXps4rfqxnUMVYmIiZeniGsDvHR9h50zxlAezVLQy9fLdQ0KJX7VELjSHrCQPGazmMQ82YGkQiH0i4KN3oN8RDoUu8gfdpNoIodb4CIeBlYyemsj4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3a6b1138319945-FRA
expires
Sun, 04 Jun 2023 22:12:55 GMT
1571879444.png
web-api.scorarab.com/uploads/team/
9 KB
10 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1571879444.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf8eaab457cdee69f9810d5698f3da8f7ff4c7b1f1d8ff6d47b2707e4bbf27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39423
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9643
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-25ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4BZ0V26KRxsCfeTeIAiPhNKA3HkoIPuyHDazGJzoEJ6xqMqq3b2%2FWRUJDf1gesSd%2F5EIl68ALKBeiVe1vUBD8L7FaOdMXW7vOEbvhvT9Mhxx2nkr%2FMaEjpqpZdCVYApq%2Bq%2B%2FnR1EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3a6b1138339945-FRA
expires
Tue, 06 Jun 2023 04:18:21 GMT
js
www.googletagmanager.com/gtag/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb65aa94491fe66f65043e26e930b062ff4cebc6774e35651e6ff5e5275275da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45877
x-xss-protection
0
last-modified
Sun, 07 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 May 2023 15:15:25 GMT
lazyload.js
yalla-shoots.tv/assets/themes/yalla-shoot/js/
7 KB
3 KB
Script
General
Full URL
https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1629594
cf-polished
origSize=7249
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Sat, 23 Jul 2022 01:24:16 GMT
server
cloudflare
etag
W/"62db4dc0-1c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX6ucqXTMg0MlN3x07DEqKcmgakJGto7nuKvEDEGGHcnjOq9sa90eRCllnCpuElJLPwaTuzckVl%2F1x2zT9L%2B5l8ckwL0UiWq04ONBk%2BUsYvV11kuMcoTp4QXWWOyrWd2ysc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7c3a6b113b319b80-FRA
expires
Thu, 18 May 2023 18:35:31 GMT
matche
dalbouh.xyz/api/
0
0
Script
General
Full URL
https://dalbouh.xyz/api/matche?t=1683472524
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

spt
tg1.modoro360.com/api/adserver/
27 KB
7 KB
Script
General
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5cd3504a24ce6e2f840e302c45977543f270c3ea392be16bc14311286ce4b845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Sun, 07 May 2023 15:15:25 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
6902
Expires
Sun, 07 May 2023 15:20:25 GMT
yalla-shoots.tvdynamic.js
jscdn.greeter.me/
8 KB
8 KB
Script
General
Full URL
https://jscdn.greeter.me/yalla-shoots.tvdynamic.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:24:32 GMT
x-amz-request-id
tx000000000000061fc8f8e-006457bd54-9733ce3a-fra1b
etag
"3cc898bc27a1b9035922667e9a7e891a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1683472525.dop110.am5.t,1683472525.cds234.am5.hn,1683472525.cds251.am5.c
content-type
text/javascript
cache-control
max-age=2775
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
yalla-shoots.tvhead.js
jscdn.greeter.me/
7 KB
8 KB
Script
General
Full URL
https://jscdn.greeter.me/yalla-shoots.tvhead.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:35:56 GMT
x-amz-request-id
tx000000000000062228121-006457bd54-962143d0-fra1b
etag
"559fe7c18011a3e1db9adb6276cba3f6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1683472525.dop110.am5.t,1683472525.cds234.am5.hn,1683472525.cds203.am5.c
content-type
text/javascript
cache-control
max-age=2775
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7559
jquery.min.js
yalla-shoots.tv/assets/js/
87 KB
33 KB
Script
General
Full URL
https://yalla-shoots.tv/assets/js/jquery.min.js?t=1683472524
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 21 Sep 2022 18:59:19 GMT
server
cloudflare
etag
W/"632b5f07-15d3a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkIkF6qYOvwza6RYzRf4UOwE2Xstfjy0aUAYeeWdLLRyxP3KLUWGKSz%2B1cYCj%2F3tY62%2FQ4hctzKFT5uQ1LDfr4%2BANSIpALp%2F9VrksVDiFjX5MemBxaueUw7GHVfa3u4QqHo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7c3a6b113b359b80-FRA
expires
Tue, 06 Jun 2023 15:15:25 GMT
impl.v16.9.0.js
live.demand.supply/
73 KB
24 KB
Script
General
Full URL
https://live.demand.supply/impl.v16.9.0.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ecccd34dc662e0f098d7aac79299f8b425c42abffa5eb59135f016eefe7c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GZPW15X6H0FBGJ9Q8P6B9AQC
date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
cf-cache-status
HIT
age
151469
cf-polished
origSize=75394
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"0005eac41d279166020740d2c4788350-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7c3a6b116a5d3638-FRA
eWFsbGEtc2hvb3RzLnR2Lw==
live.demand.supply/p4/v16-2-0/
2 KB
901 B
Script
General
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190e70018335ddc27dcc7f82dda53c72e7bd9ea3b184f102eccb0e3352efc686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7c3a6b116a5f3638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/
0
532 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=150&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b118c489152-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1540f629c2690241cdde93d69d8ae2a90f77fb77d48b131347765353332a141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24741
x-xss-protection
0
server
cafe
etag
794 / 19484 / m202305020101 / config-hash: 7620008043783978309
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:25 GMT
eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
live.demand.supply/p4/v16-2-0/
2 KB
1004 B
Script
General
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313b167644cd845c6ef23a4d34d5ea6672c2db69a89308cad8745030e6c45fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7c3a6b117a673638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/
413 B
607 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GWKXNNK2Q6J4EK436CXFQ5N7
date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2498541
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7c3a6b118c4c9152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/
29 B
391 B
XHR
General
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b140edd9475f4cf77a5fdb007454eb19d9d3108c86a753ceae23e27b6636de46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c3a6b122ced9152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
yalla-shoots.tv_native_multi_native1
live.demand.supply/cp/
21 B
383 B
XHR
General
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c3a6b122cef9152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
yalla-shoots.tv_fluid_sky+sq
live.demand.supply/cp/
29 B
394 B
XHR
General
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82338cc6f877e4ac9516ad68d4b497eb5d0c82040e45efff1e7310d3fe426ee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c3a6b122cf39152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/
29 B
392 B
XHR
General
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b140edd9475f4cf77a5fdb007454eb19d9d3108c86a753ceae23e27b6636de46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c3a6b122cf79152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
yalla-shoots.tv_auto_728x90_sticky_display_bottom
live.demand.supply/cp/
30 B
393 B
XHR
General
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a343819c22e11973d398f67bfc8ab8fdffecfbd58e8a3e5db58928454b5a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c3a6b128d619152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/
401 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7871265d48a73d823e56d6925815a3c296ca4a685ea8e7a65a4d2231bf235633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
4569
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126854
x-xss-protection
0
server
cafe
etag
15874553025474995102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 06 May 2024 13:59:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
2 KB
603 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b808a258319847cbc8c3454e304bd3295ee377e65b30d8bf93903bd6a63f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
578
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:25 GMT
e.js
live.demand.supply/e/
0
499 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.1039852648973465&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b131df19152-FRA
e.js
live.demand.supply/x/
0
498 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
76898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b131df59152-FRA
e.js
live.demand.supply/e/
0
498 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.1039852648973465&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b131dfa9152-FRA
e.js
live.demand.supply/x/
0
497 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
76898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b132dfb9152-FRA
e.js
live.demand.supply/e/
0
500 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.4523042321205139&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b132e039152-FRA
e.js
live.demand.supply/e/
0
498 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.16600599288940432&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b137e609152-FRA
sdb.css
live.demand.supply/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GX3G8GV4470C9FFCAWH91XVD
date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1495147
etag
W/"14c5381be186641471a926a081d90c88-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7c3a6b137cee1db3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
2 KB
1007 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=3869010450417442&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683472525490&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7811f32bf6c63b896593295c2993b1f7473bddca1327eee9558557c888554046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
977
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
32 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=2436301578317809&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=2&adks=1304860571&didk=1418515192&sfv=1-0-40&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683472525496&lmt=1683472524&dlt=1683472524875&idt=554&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa6105a8b1d78516e495f2761f4d1b1c202a7a56e6250756a20741d578824f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11432
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
1 KB
580 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=509862172508473&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=1743034735&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683472525501&lmt=1683472524&dlt=1683472524875&idt=554&adxs=314&adys=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01056e75dae62da3f161e3f4f9d5bb7bd70af8e2eb82efb55b279b4875bd7869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
550
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
171 KB
41 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=184661911214280&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cnative-multi%2C3d4ab4c6-6d5f-4b8c-9e83-ea0e7b3534e1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=4&adks=3368116147&didk=3429720029&sfv=1-0-40&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D83%26format%3Dmulti-native&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683472525503&lmt=1683472524&dlt=1683472524875&idt=554&adxs=262&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1076&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b42229324a9712433f77c8d81c1cd78fcc75415bc310eef4c1b25200bcabefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42349
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
73 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=596471752454737&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C7b9be0bc-7aae-4298-84dd-8d5becb2ea92&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=5&adks=1131662217&didk=412460673&sfv=1-0-40&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683472525505&lmt=1683472524&dlt=1683472524875&idt=554&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ad40f41b4eee0a804fadbc37180dda63cd5090c32e5fafeda8b908f007cbda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24542
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=2360891273474361&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C2f5dd645-0d0d-422d-99d2-d7bef2ca8963&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=3202367356&didk=4055989924&sfv=1-0-40&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26rfi%3D30%26stt%3Dbhs%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683472525507&lmt=1683472524&dlt=1683472524875&idt=554&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
647b3409cb565a5915dc2735d987860de3e277a4914640f215137084ccfbd162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7916
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06D9
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/
36 KB
12 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59dec2944a255e7af6c299907b54df8fa8505437a95c203c6c5e2544e96c78e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
76302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12712
x-xss-protection
0
server
cafe
etag
3305083077809332093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 05 May 2024 18:03:43 GMT
key.php
yalla-shoots.tv/
170 B
786 B
Fetch
General
Full URL
https://yalla-shoots.tv/key.php?kt=1683472525
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9feef3a877f598c1a21d0fdf48323ced534feb85473521803a1a62049ccd65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNNFPf4hCTg%2BqYDd8DPCVqr9W9p6AOpaYxddBMIYttkg%2B%2FHUNOchF22WA1wIptFsmlMg%2FXM7gvEei3EuLqHkSaaBoKLVms1m2%2BkOb6RcG4ukYnQTIN%2F36xx4NO%2FNtmVL4GY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7c3a6b1629d59b80-FRA
expires
Sun, 07 May 2023 15:16:25 GMT
get
feed.avplayer.com/backend/
4 KB
813 B
XHR
General
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63e0c53d06b87484dc0f3a56&pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&AV_TEMPID=62c2a28af9382161a05f9104&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
x-hw
1683472525.dop146.am5.t,1683472525.cds301.am5.hn,1683472525.cds271.am5.c
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
content-length
608
avcplayer.js
player.avplayer.com/script/2/v/
251 KB
60 KB
Script
General
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1683472525.dop241.am5.t,1683472525.cds263.am5.hn,1683472525.cds314.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
servt.modoro360.com/
0
98 B
Image
General
Full URL
https://servt.modoro360.com/track?pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&cb=1683472525796&r=yalla-shoots.tv&stagid=63e0c53d06b87484dc0f3a56&stplid=62c2a28af9382161a05f9104&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.129.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-129-161.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
e.js
live.demand.supply/x/
0
504 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
76898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1649869152-FRA
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb26b3bb02c92e7c63d0e4f576fe6b2f05c21171edd687842bf2dca44696c1d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11161
x-xss-protection
0
A-letterbigger_Savir.png
jscdn.greeter.me/
945 B
1 KB
Image
General
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000622e5b5f-006457be00-9620c93c-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1683472525.dop110.am5.t,1683472525.cds234.am5.hn,1683472525.cds320.am5.c
content-type
image/png
cache-control
max-age=2947
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467631/
290 KB
89 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:00:43 GMT
server
nginx
etag
W/"63a0526b-48644"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 07 May 2023 16:15:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e5368cc004804ca3929064283c4a3637a738f398331a7fd6bd44a97f0d0c2c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24838
x-xss-protection
0
server
cafe
etag
540 / 19484 / 31074314 / config-hash: 7620008043783978309
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:25 GMT
wrapper_hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467631/
2 KB
1004 B
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/467631/wrapper_hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-685"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 07 May 2023 16:15:25 GMT
gpt.js
www.googletagservices.com/tag/js/
74 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed2de0c4d5be176cb1ea2c413de3de6c9c47c5a4fc74030033c7e59846bf7cbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24839
x-xss-protection
0
server
cafe
etag
533 / 19484 / 31074314 / config-hash: 7620008043783978309
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:25 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/
7 KB
7 KB
Image
General
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6230698
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUeaOMkFZ1EGvWonocNIT9SxeSbke9IBFF9fgnu0f%2FMrgV%2FFgdoQVrspfZMdH6WJSLWBU5BycpA2HI06%2F9VE6%2Bdodj31WWXtzRvMPJhFuzBqH4koJxyvCq5U8QapxP38ylpslQwEE9UA3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7c3a6b169c9a37e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8000:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 05:53:38 GMT
Via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
33708
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
vk_zE4bJ1BPrLE7pOmAuh-CdJ_1ULHHFNxLMcPT9iy3eLUL7x4ZP4Q==
publishertag.ids.js
static.criteo.net/js/ld/
39 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 May 2023 15:15:26 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 05:55:32 GMT
content-encoding
gzip
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
33594
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
BdflEI4EXhM9grDUq1civkVLunexDLl2mpPjIzQWXA4w_JMWEv-EtA==
esp.js
cdn.id5-sync.com/api/1.0/
59 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
DV4ZZV3M19DV4JT6
age
1869
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c3a6b16ac812c29-FRA
x-amz-id-2
SQNSLn/t0GkUuytZINM//sjwOLbQ++EeKKiJV/ZRie6CttOWh2KB+PoMF31oRgy43l3fz9RclR0=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 May 2023 15:15:25 GMT
x-content-type-options
nosniff
age
8113
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
732
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
2 KB
2 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 14:50:25 GMT
via
1.1 google
age
1500
x-guploader-uploadid
ADPycdvUFgDQ5Mabeo5ZugwRH9ZDDSq44Qd-OL7VBYWI10vMuzeX4geo_APFjjsj6Zm95CdJ8GeJPgBXo7qByOuZ35XX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Sun, 07 May 2023 15:50:25 GMT
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D54
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
182 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
834 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/
0
497 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=fd1ba056-ce31-467e-8b2c-3f0f664177aa&ts=83&cd=2&pud=150&pus=c&pue=688&pid=98&pis=c&pie=787&ppd=184&pps=a&ppe=873&pcl=659&ttc=864&tti=1496&ttif=0&lca=873&lcak=ppe&lct=873&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=1cc3cf29-a297-4e03-a814-57797b2c03ce&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1679bb9152-FRA
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 May 2023 14:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2387
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 07 May 2023 16:35:39 GMT
e.js
live.demand.supply/e/
0
499 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1699d99152-FRA
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0916
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
498 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=fd1ba056-ce31-467e-8b2c-3f0f664177aa&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=1cc3cf29-a297-4e03-a814-57797b2c03ce&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b16a9f29152-FRA
A-letterbigger_Savir.png
jscdn.greeter.me/
945 B
1005 B
Image
General
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000622e5b5f-006457be00-9620c93c-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1683472525.dop110.am5.t,1683472525.cds234.am5.hn,1683472525.cds320.am5.c
content-type
image/png
cache-control
max-age=2947
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
e.js
live.demand.supply/e/
0
499 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b16b9f99152-FRA
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 726C
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
500 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=fd1ba056-ce31-467e-8b2c-3f0f664177aa&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=1cc3cf29-a297-4e03-a814-57797b2c03ce&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:25 GMT
cf-cache-status
HIT
age
1534265
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b16da119152-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame B22C
624 B
825 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwNnF5wEwAQ&v=APEucNUo9MRYpXHErCR1q1TbIbgvolkxoetrzetGkkVwBoNrk8dy0POpuUQMlCRaYTnvpJWLBrxLsmwTOAv6raA9QommLe3lmzWI1Toi_qkPaWP2N8tMCCwTSYVgbmWkeEWIWEXzhWmzY99HqAlWwd58MfJTD9371k3gT7YYC3FpMJ3tX15jsezo9v9MfWM1TJRezr13ekujbjul2cVQO3uR0ooNqS2mxw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:26 GMT
expires
Sun, 07 May 2023 15:15:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2D54
78 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D54
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AisOTjRuCBM1A_i41FrBUNXFFM2jvtSowN8491wboCTNLNluWgNjgFsRK8Tew4QvJOZKAegvQjiAtawjQ682zDIxoacrxStZNixm5k--JCp-KKtDw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D54
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8197688588119539505&x=1&ct=76
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 2D54
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 2D54
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D54
169 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:25 GMT
frame.php
yalla-shoots.tv/ Frame 44B4
198 KB
72 KB
Document
General
Full URL
https://yalla-shoots.tv/frame.php?ch=diwan_1&p=10&token=NmQ3NDY3MzE2YzZhNjk3ODZkNzkzNDc4NmU3NDc1NzU2ZDc0NzE3YTc1Njg3NjdhNjE2NDY5Nzc2ZDZhNjk3MjZkNmE2MTc5NmQ2MzcwNmE3MjY1NjIzNjZlMzI2NjM1NmU3ODc5N2E2ZTY5NjYzNjZlNzM2ZA==&kt=1683472525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34fc5c918fda8d95cb209e35301babad9f25559cc2dfbdc59430da0f35d4c98c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7c3a6b17abf99b80-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 15:15:26 GMT
expires
Sun, 07 May 2023 15:16:26 GMT
feature-policy
microphone none;camera none;geolocation none;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUMSYLTTJU394xP17Dmaql6MrxZ1ca9bMgANXg2Jvbf1g0%2BxpCh8j5iWUnG1Cbr2t7rEfA76bZkSc5GFocGKGmOZJhwnog1g8Z6%2FI1Su8hL6sOKSralGFkHeI8sSggv%2Fxl4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
truncated
/
385 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
240 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/
15 KB
15 KB
Image
General
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.4.204 , France, ASN16276 (OVH, FR),
Reverse DNS
ip204.ip-141-95-4.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:26 GMT
X-Openstack-Request-Id
txaa40adcb0e384bfda7bad-006457c08e
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
txaa40adcb0e384bfda7bad-006457c08e
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 May 2023 15:15:26 GMT
map
bcp.crwdcntrl.net/6/
60 B
334 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.201.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-201-8.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d7906662b215405ec58d6c746bcad04e264883d4b5dd3010410b2fd70952e2e0

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache
x-server
10.45.8.213
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/
0
324 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
pixel
googleads.g.doubleclick.net/xbbe/ Frame BBBE
624 B
504 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYkYPo4gEwAQ&v=APEucNVSWz6pb8gj2ai6cATrL4H7JbtTwj0Zruydl0Q0mI9KxeGYI8VkYnXfOU0lDMWFwcO26bcH5qRSvFADecbm4aVhy6N_H7a3pDJtNSNEtrUMNp0Vz9-NKA4SrhxsaDx9imr0Pi9dbjK5VEIf8Gq9OFcgrI9L5zsQImgDyrY2MnmMWZQ6E7kL1eNO5n98fcsjBKs2pnQ_vzf1mqOIqh9DGlC76wqijw
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:26 GMT
expires
Sun, 07 May 2023 15:15:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4EAB
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:26 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1352960/70223937/xbbe/creative/ Frame 4EAB
253 KB
77 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1352960/70223937/xbbe/creative/adj?p=APEucNVLKfO3C6H8Rt9Tnf2lHHPBABM-xjdz1EM6t-uhwpwWKiMNhiA&d=CokBAKAmf-DYR3Ou9uc6qZqFAessGSQ-m_1BSLBc0aFhZVGLHKaqUcpcfMV9gm-Kjs3wnC4b4mIOI_cOVtQbHTB9P3FRRrAwxAfex43Wa5timzDKhI1Yp-EqK6Xb737GVHDBnew-OVH-dR4oe2zS4pGjzBa2QCQm7yuaVTy2S2RRY8TbNYeyzhocwU8SiRYAoCZ_4BBFDTmFsB8O1TMVfb8zOhtWerg9bNjMD_xws1Oj3bXiadd6R028s4SRX-VYnarBYiW23MXOOewJA2rahXkvh_mXaxlUoycx5jofDXt6x9Optjyn0FvIvKkjFkUjNpE8QEeho7oxQ5oUKXlQZzzIxpFO_SZDqUjjbsZA6uC2NERy8LzBTrkRMU7sIWWIfiwH1Xk33xmL8Sk8wluA0alcOYBKo4L001bDgrRO7J_Qxxv0zKAikViAFPw6eDlOO4ON9fD-raJOoJluV-krR1R97Ra7jUgb2O6CQBvoBRTxJBiEVIeZppLMXP9UPhiG4A0NUYmR_WKnm-dMnULwTi2kuI7KOobhbf7UqwAdvTGgO9Q6yYc739sYDW1AVzVa2YhdKkrk1CsSwfMIf1oVmOb1Vs19QfU_yrKPwIHVjU62EYqRs7vreI6UuURXR0LcSJTkO3aUmp6vGmPRJ1fNX6hCGxPB5nQuERTDnZ9LTSDZ_gD__ve6ZOL1sM2x5jC1e-O3CyCANDL6nTLSgBAeUwGuXWSyAdFnensMkC0s4REqHPvxKvOR9kixQZPECaVfJuwXahME5F40GxqwaXDjKmWk3o9IGuSXTbdUbz_B9mH5pGc76WR-KIogy-2OsvOzeQJ1T6Qhl5F9iur_fccEQanDWtNOKewHugLsIp-CZMMaVTdXLSdZYjojZwIvFBiRe94o4OLTdqu43OPPg8qK6mk7HmVEH0zORtQlSjbzpc3c9Omtf6cVjm5E3QDt6Gp4Iqahyu2Ibo6UAbS9Pf2_tUnEy5Dk0OnsDuEjDEAUfzutV_01GQ7uvutU8RZwI59eKy4B5ngKNvsJznrrDAzGuYEet0yZjWl0RRcygtTT7c68a_-gqSqyIKN0Qzd9Zd1J4cISB-nEw-ZTJ8tTp27KrCvg7zArm0RyulrDWbGA-UzQm1YOqOYqQWVRLXBtLbVgnHcQ5ZT41H0P4T-S2_0-fXDfReMutjFGI2nw4sJl_EZAbumGqyBJZBSUBxd5mlp7PRgY3oqSKE9rM8CXCHRlOIHZuKfzLbc1XdyEjAh5agiuSSHPKHCT80cQxWNKmBD2ZG16B0PAjbk0qxCGAt5AVRDXNbBQSm5W5BztxSsWzZL7FejkjrpKnxxjRVUilCXmY3_LeM1SvvEqlbhsvedBDflPK0EwnSOgeFT1UqAccy8X-qLRKuUmOYadWRu4a5ACNlbdrMm0Y28O9BNZhtxYu6X6oFmArSfNUABtb5NF286uHmVaNpb1YGs3DyxNtFn3TxC44ULIr6DeanEpAT01jbUTvq_Esnq5Rk9rizm2U8mMnuoEKi-jeToZQ72DjxaoczCOOAmVL8h-UcZRzPi9XhSrbE6QDt3pLVJMMMQy9EcEPF2oYfBWCK8Dj9JE-R9U8jAKkE_6nfR68PJIDOaTzeM6o7wYh0tz0vVUXcd5at89wAhaoanKfGMPL0Ke_a2TRD_ZK8cd5HbEBXZVf35Fb19HlEXKQgTdoeXM8yB246-GSDLTaY91sEijb7A-fqE1Gjn46EWcOnVhRIW4uAp3Dq9jrvNXPbiARd0aLSW6KR3E-QV2dNXiGi4sKyG_eSylP1GAfrPGL3EKfEIeBF7My9EsVJalLYqzVyvEdU7DUJSshd5Squyi-Sk4FMCj3NnJvhZhM4BUWNWBtvz7AMxycC83f8U5loAKjmAghkhO9mYniwck0LMpomRgCHKZoCncvAneqi_i8GcTigTrjRMDGIAUszkCiNg9gUp5E_IcgTGHIov3JfCndY6LvX2flQd2x4fWwp1l_D1V_yjdTyoXKzP9EAqWeYmPJotHTnBrqdt5A-qpDhmV3WcsHiRZ7gN3FZWjG4j07w_mGto56Qnya83XjzoBhTwP6nJK5KaHe5Jkz7sM57He2n4pObVN2bahT6_TVLi9W-0fadeLQdFCAwXdFRCbN5VM8L9XoR_DWSrEVrVe44fhdguA2mzelSNtsX4Hmi8EKznV1fsaiR5X_AesAjUwJoaQ-WYyCzcv-38VjvW4AjCpzDQPGK86QiWL8YEfujtCBWF0kKPoSRih7KAwTYq7FXq2HZnpXf-vmxw_DrDLMFl47vTZK_bUSXyvJIe7G2Bzo4TFpLMg31yVDqnLcne8jiWXyRN8ZLMb3O6MUN_h3EEcu9XJ310PlJj_v5iLnojYopyiKxDFpCgxn8lhD-x_--h_BH5MG9OHHHiu147XJPadyNj8Swk7TRSLrKWCqLXUpyd_kOUxsgQUNys66uiPxHCr-X5NWEMIk5bHETaFp6_uEvBuWdqloBgdIRqvNtv_HTQZYR7JYxGWdPQTXxMcWWJxKWCnfMwxd2n7RMD8Lo2vUhtXeQpI92wcAw-CwPSmge4xkPQy5gbuaIXQiMHaqfhKRfb4Bq4VRaDwLAFi-FliczQkU_UtzcyIRWovnTkBUi6zNDYbgdHtm124PMKRboX3N6MbvSbE7WGUTwhar2WtUdrv_GFiBHi72tmSVGYyfKGTdkBYeUE1YxAFN9PwoFsQLM1cyy-yoYUE0QHcP6lQWot5WOzJmsxhXzmV7aC6EXCjTn0HcgeTR7BSgFkhXeQQVFoW51FDZor1T-9nUajXsM2x1g1-5rZZBB6vwYjDgtlx3R5DJ5IQGETIvIdp45-0UPW3obri3CkW5pGwUMRegtnJtDuQ-iBM2DlfmzQOXgzdC2XA2FEgSPDus3Grs2LgKqG18p3tgoLl2NQjlf9sD4X0ac7hh_zEY7YuftMtsbQKIbPJ5lUD2zTQGFXVDyRHYW0Tkyz9eZSdWgnqRSEtwTR42Sc-dUXN-HeRu8qWNdXt2DgyWOphckULi4EI_eNr5OlC6WVRcr0pQgOeJVBhamB7tqKMAHDbbKXiOgS-b1zgJKLVNikgO9unKDD0DKLP48MotM6cjMceIsEgKMcfVjhiGIoO11wHk2lhTwLJ8pCin23VzjzMrlHAVDnzhXDiYUqaNocMSwt5uu0HCAdTRq3y8CIu3u_-h6lsGgRMOCI13Q3EOf2TZEo61LpxMFp3OizXBSibvTedC3xoa21GvcbMVOyLUyWvrhpPo2fWXVuVp86RZT-7P-Ih70ORXCjHMtiEOdpiST5m2Foeft3_2N6ZYeQ9q0fzHCzsiWer_lDgsWryYzIrqCyzMG7lwtV0itVIiaXz7F_FsskKp2kERRhzRWl7G20m1HoLGHNe5NohyA9adFDOIh6HFCYSMYiUbiWrQ70M-0LcKgFAe-gIAIQv-uaL3Vwx3ekXtGH70s3KYZAT4HorjWoBvIH3wrZ0zkgp4HeeWuH0UnalNg1PrLb-umD0COBD5eY-zjoIiiJysBwosGIC3IFttdy34adPha3Du7u17Q6M019aeahWSyNAZNEDZa-QL4eHrQXAPkIhPqe8QmbPdJoSxezfEm-edJOcLvC2HiEBaZTN7xxbv0sEp7GGk5mXB3kzwyJWAW9SvV3lUyWuW5pV0itoC00hWoHZbvoAnEIYiMt07NrYxLmUjiVLTv3R9wxYQdvSnxBhVas087Cq9OpxXeCwZwQzpYw7o0c6PGWx_2dvHGb2LiCQKHWoyjkmgffmHmz6CL1EUpkcXi3MSlpthZobrwNmoDl25uqPeq48pXFT-Z9jQInOlAIhGp9gW0bwbAnuzCazjOuV0f_exNES8GPyTE_G7WXzql1ouikFtKGO5vSZz9IjYCLdaiFDHTpPjSaWf-6XUEzuIPaz3A3_PHCKb87CMvkU-tdufmsq9fgTkOjP9hpECAQSPgBygQiD7tQ4j5N3su8Fdei-E_uF2WlX_1tCcyr083Sh9g8bohwo4C65Zp3WSPPonKNf9mNyS8LYL-VW-fSvGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19782080816&bidurl=https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hclMDGgv1BOeJ9zrwrujj4
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.174.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-174-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ecd328825d970e565e679e4f25810ecf70a187dec158fe831ba6a413ada82c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 4EAB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 4EAB
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame 4EAB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTED1drFb3eXvkhE0xcDk6RSPb8QqB6IR6QllVlVmAEt6_C8BvvBTXc5W-7SyEoN1tscBnlO9V-LZITb0326WNgy3gUpA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EAB
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EAB
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfrKy0-yX7XSt2z1b9unDtxkETi0AjkT0J1xTrYd9mFm4XiN6MdhUxnY72qU0x3mSkh3pCUzd6BFDpFJ6X4DWfEgleoOVaigINnWmV_vK7TKxsfI4
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EAB
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2437182027386386365&x=1&ct=76
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39A7
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
500 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_native_multi_native1&sy=fd1ba056-ce31-467e-8b2c-3f0f664177aa&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=1cc3cf29-a297-4e03-a814-57797b2c03ce&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:26 GMT
cf-cache-status
HIT
age
1534266
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b184c0a9152-FRA
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 726C
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
76768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:55:58 GMT
css
fonts.googleapis.com/ Frame 726C
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 14:39:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 15:15:26 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/ Frame 726C
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.css
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 12:37:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 03 May 2023 10:37:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 12:37:04 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/ Frame 726C
372 KB
128 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea736fdf67f11518157bcd25ec3e1a259595eac44ec75697573149917fff25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 04:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130571
x-xss-protection
0
last-modified
Wed, 03 May 2023 10:37:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 04:52:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 726C
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 44B4
12 KB
4 KB
Script
General
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/frame.php?ch=diwan_1&p=10&token=NmQ3NDY3MzE2YzZhNjk3ODZkNzkzNDc4NmU3NDc1NzU2ZDc0NzE3YTc1Njg3NjdhNjE2NDY5Nzc2ZDZhNjk3MjZkNmE2MTc5NmQ2MzcwNmE3MjY1NjIzNjZlMzI2NjM1NmU3ODc5N2E2ZTY5NjYzNjZlNzM2ZA==&kt=1683472525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"644bd41c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImRdKnRja%2FY%2B2TwW6aT53AGv0oxCgiD8UMT1WpG9oNsW4ETbE7PVmGXBkjgwwARoEyVvmDo%2BcgLj5ZxFceREotL%2B%2BFZI2T88mAcdUcpdkgZJaOkKnqklZ%2B3EgroxNQk3R84%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c3a6b186cf29b80-FRA
expires
Tue, 09 May 2023 15:15:26 GMT
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/
880 KB
0
Media
General
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://yalla-shoots.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Sun, 07 May 2023 15:15:26 GMT
x-cache
HIT
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-age
864396
x-accel-date
1682608130
Content-Length
900872
x-77-nzt
AcO1ryeZIbz/jDANAA
x-accel-expires
@1683644930
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
25b021310ce848d58ec05764b21e270f
content-type
video/mp4
access-control-allow-origin
*
rum
dsum-sec.casalemedia.com/ Frame B22C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCBqDmDiTvzlQwfM7BMKXA&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCBqDmDiTvzlQwfM7BMKXA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwNnF5wEwAQ&v=APEucNUo9MRYpXHErCR1q1TbIbgvolkxoetrzetGkkVwBoNrk8dy0POpuUQMlCRaYTnvpJWLBrxLsmwTOAv6raA9QommLe3lmzWI1Toi_qkPaWP2N8tMCCwTSYVgbmWkeEWIWEXzhWmzY99HqAlWwd58MfJTD9371k3gT7YYC3FpMJ3tX15jsezo9v9MfWM1TJRezr13ekujbjul2cVQO3uR0ooNqS2mxw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCBqDmDiTvzlQwfM7BMKXA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B22C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFfAjoiH5EY1-Mh6.yYiOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwNnF5wEwAQ&v=APEucNUo9MRYpXHErCR1q1TbIbgvolkxoetrzetGkkVwBoNrk8dy0POpuUQMlCRaYTnvpJWLBrxLsmwTOAv6raA9QommLe3lmzWI1Toi_qkPaWP2N8tMCCwTSYVgbmWkeEWIWEXzhWmzY99HqAlWwd58MfJTD9371k3gT7YYC3FpMJ3tX15jsezo9v9MfWM1TJRezr13ekujbjul2cVQO3uR0ooNqS2mxw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B22C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwNnF5wEwAQ&v=APEucNUo9MRYpXHErCR1q1TbIbgvolkxoetrzetGkkVwBoNrk8dy0POpuUQMlCRaYTnvpJWLBrxLsmwTOAv6raA9QommLe3lmzWI1Toi_qkPaWP2N8tMCCwTSYVgbmWkeEWIWEXzhWmzY99HqAlWwd58MfJTD9371k3gT7YYC3FpMJ3tX15jsezo9v9MfWM1TJRezr13ekujbjul2cVQO3uR0ooNqS2mxw
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:26 GMT
AN-X-Request-Uuid
81a71eec-f6af-4bce-9811-088e8b94866d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.143; 185.213.155.143; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B22C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwNnF5wEwAQ&v=APEucNUo9MRYpXHErCR1q1TbIbgvolkxoetrzetGkkVwBoNrk8dy0POpuUQMlCRaYTnvpJWLBrxLsmwTOAv6raA9QommLe3lmzWI1Toi_qkPaWP2N8tMCCwTSYVgbmWkeEWIWEXzhWmzY99HqAlWwd58MfJTD9371k3gT7YYC3FpMJ3tX15jsezo9v9MfWM1TJRezr13ekujbjul2cVQO3uR0ooNqS2mxw
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 15:15:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.143; 185.213.155.143; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5e9a7590-6599-48c5-88b1-593e3de34341
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
encrypt
esp.rtbhouse.com/ Frame
0
0
Preflight
General
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://yalla-shoots.tv
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 07 May 2023 15:15:26 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
883e01deeeb6fb91685f4f26f58cfd85
encrypt
esp.rtbhouse.com/
265 B
360 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
dab5b2ba74b0df2b7b550e8af229ee5db7f0b7112d6007ddbd7aabafbeb56a7e

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
43d8a8f2268242f77f6e6c4be16fd8d9
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
hbw_master_739813_17175.js
player.aplhb.adipolo.com/prebidlink/19484/
85 KB
29 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/19484/hbw_master_739813_17175.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/wrapper_hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-152fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 07 May 2023 16:15:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D54
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3244647449349&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D54
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3244647449349&version=m202301230201&ct=76&x=1&cor=8197688588119540000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2D54
84 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTqlAaC-zIrPRqwhNDd1NxWqBiyEq3OddsW2ab_Mt_OkujJ4EDdRtrrJ8SKhaNSBQpFs5Nxj046hl8P0f0T9LwWbJESA&cry=1&dbm_d=AKAmf-CxoDl2dIGWiXjZDhnY95giNCP42epsWCNxkALOyO1YpbRBfl2X0VDQXC4ww9iaWM7v5HuBc622xaL0h8G2zfakKjPGsf3myWXXotqjZtr0ultAQz9hrjsEQj8lQMK4P3JfwmUfqZsuaLJPPuC5yIx0RrnQQ2linsAMkHug0Evjoi_hLV1jAZeX6kiWmXN2BftsMe97_se0cMAx0Z2MtDB5DKPCB075euqw_dTMjOKWnMtsIxLn1c2Dc60FNhOOEY2T2z385h2F3lfv2h2DKM4Ee8EK0da3Us3et84ZPQR7AVcnHUmsKkL4Ddhg8iKC1CsaUdXvzTno1vp1GwB66Maox11tRTHtkD1Wt285NMEqzY9MQPec9xiiucS2nBZpQVUMlDJuLJZMTAN5dRXdsckqkbvhoiZGTwoaZp8NMZs3XACGFBY8Jq8lMt8cjIDx0ANvuWYHkTQsB8yFQKujhb8DPfg-WWEa6A9qeQWAKvGTFeLSTPmT2uFPTlSV9pLTSrKU3i11k7OujtpvZ3bEjRDnP7QnScCELf7YzZPoPT_DcZd8xxN_U-OjdQeD5nTMfs_cxDa1SVkwy63WvZsgAZk1YssSQB8dEydRoZ9S5yxXL89H_43HAd-r16-nbIhMK1p12BcBzfZEVqUxKo7j5jhNsL5lSK_zEbmVSSpmyUf1KC8B5SY3_tv_MyL6dZK3-JJZIFu80fLnBFFWnHSmbZ82J9KIZzhaxnurVfrh8iX_Pvw6F3Vf4KUhiu-XFBHL56ReZ0ROce-9B9dnbpxRVamPcG9vhoQU3z1g0mTSjDZzl_dutpQKMX34vG0OtXFguys8Blhtsz_m663xeaAZ7HF2eGAOqmzFnlOrVVI_6USrS2Xsf6HAtE8GWTK2zx37kzfwKbomwjnq9wo8j9XpTBix4z98Zz76PmcjgcEdGXjUksjrjnvxIImN6ZSoIJVCFu1IRd-9BY2264bquzSf79-c9TyhfgU9dNBx-OQxcTdVGXwNMpomFDKg4sJW8uUL0QLTmzE8kZSine8UfGbpmqap-29oH6wB576Jmprj8AYiv4X853RUOv1dmHyqiwpPP537CqvqjQcTiOv0vdp1gFXOQMgAkVD9iyVc5lDvPUGrvuEEj0BKLNFjkqtykOabX7w0V-UCoOoTKGWD9eYKXirjK4c4RGjDtjhXMbxaD5IVa4GT0knYe7Zx5YIa_FONuu5d43F_dT8EDrr5upavi9KjgpssHHvwHN8xOeepLEwlHDhsmI6494pqQ9RodZNAO2Q94601WQLTGP4o2khwPodGwvAUM_UsGrdl-b7d-x7UDd0Wj2SXgPQQ0pVgiKdXsiJFYY833oygqY7a8LbXw3q3mJMKqi9YYFDq-Sh86aQOZZWJg6fqh6RO6zWQyVmCK_rc_yHjFEjagZtKc6ADBq-rebugXRQzSbLW1MUKUnVRsi3FikuS5gj8QkrKuN2FtsvqMDt-IKGwwBeBy2Ma5dLJFN2jIuOXxQ1C_JCd4L5A4oSQubS6RHOsuHuE1M56ZggHUSOv9ssWQ_W00f5HEFCaUL9lemgcnHcYu6bB8-NuVI2zBt2-Irk3QZzQcuO3hynytMcNqKWTjoQZqbDG4GPSDZJRpMrUPAuU4seXDEmhsZ1zYNDVgw3JTFyiTWCp71fM4cdevE9vHY-LbL6sbqo12K6z8Fir-V22DvGecUELxSFOflvZF6zLrzoIg8RTlnKKIaHaFemjVErG9DvjZJGJZUHQvgok-vjrLiO1jQ8O_HCODaU1OJMU6i8D-sBS5npfUUb50ot-iE_nupl25IhCZXB5JY6QulcTid3MQwhcZZm2s92u3g3_TppnpnTYkwcQnF6Rfpm_7KVtD8O1Oyj87geOEQ8vYQ4xBpuQHByjg5_irg3eOomy-h1jo6zISprogSJ9NzP8GhV_BUwOOtdPF9vdPu_K62zdg_HjuQHlFAcMm4X23twPyTfAv3k6wbKTNJSvNxc3Djmr26KmMdSDUXuQXkygsko8ioFetTwHL9S2N08t4blAfstYbNxuX32UaAEFuFgck131UQSUlBFaWJiKQBuUPwoK3zhrtLDSRffpp5wTUAV8_62q2ntLcGnEPKCJZebwcntGNwRW6RJXLlNIuVxD6HHYyCtzHJDsOLwp2o-PiwMTVeVwc5GGCyYJIZ6snoxKcKfa16XR2BWyIMWZbMLusfk_sszojALWrpmWEsO7H9WT2-uzF-XoOQCrArHEoJevM4Q2kk-2JjcoZ_e_S2Pq63utLpz70wSkETIVkAqbULBY7Pp6r3ZYXCoLTU3BqetKgxgkfnosOjgOwEYcXtaw1Y8zeTlkLHLJxdbki_WA32hcJLgDJK-VWg7z07mukQYB1T9DooePwQDYR8R9zWDhOkboxhhG3t2jqfw59fRvDeYagdoTPxrQOxuE6-AvRlx4XM-T9kGYjSGhIJ-F3UvLzmcBttwmAvmc7et06QoZRGTaxu5DkcKvefSqar2JvLUqo1TT6oplu1oH3h8qz1BEpaBfpjm8o-dIja0oL6eJIzf17YJ2VsyzW3beCIbtACpTgMnCyrg2n0N5njXdCGHtNINezyk4LEty_lY8uwMZSOXUMK3IY0pdDTRQB3mJckoxx4twIYNJ_sFkoeU4K530IFkDiXkT1eWgND6QWYdFku24CosFr4ETpi2ArZzp7tx8ZRi-XgwoabokkmdULDODXaBjMWVsqx9xHrGrtqTxoAo8aDfaArkgjeTcAMCStuFtFBTbhDtXMxx3yNcI8CeX5VF9uKYfHi4xFeMByJBQmv5I37VEXPj5sgoBITZskJGUrQf_M4pprWN6j1Xx1JfhrY4kUwK9LCmZhXbwOwIvZc_PnEYT0SLp_eyh0EtIlifrJW9D6VUOyRMeay2S2z7RPaXM3t1a1Trms8t7--i5lSQ0EgrgVanr7GFveZ42OVDGeTq6X6DYpTZNyVC-GHqBk4CuxxnwfqVjk_J5qjoNu6MiMej-9zeAM3B7dsSM8hPQqZxTKRZbdiwfZCJ_jeM3bx38eYEB6g71HgrwD7kBJXh2fJHAmcJIjCWQkkTXpLP7ERc8ayOOoLMsj2rYy7oslPp0KNGQZz1bL_ZGYWKtVUc30fgQapV83lv-JaefuojkbnG51RixxjAmv4daleFc7HlaulPZVF_t3QBQcw9IC67JbNo1g4A87YHmRIK1zG9Q89U7INgjw7QtLn5vJPm6G_gooVyk7C-fPD2GUt2IY5vKfrMoEKOek6n5wgY3UXFELibSJuqQsU1BmPLt_woKbjNvz99o1mAT2MPBGTYgbYUv1xRRvmjsN4a9hmvhIj2_mJZSp70dXdyiJkgg1ZHF_VBUTFsk4K0-UBIvoOTY3JeJ0ZPwDn4ddXBUrFdjQtboejHZ2xwQKkx7UjyIKKFaXyucmCYEHiSSoMf69_i4K2qOUxKnext25vq9pwbvn9NNRKaTccJDab5yqyKIFT8d90by7CvUVwSSDeBVQfIXGZmRqdoMkg5SDGUN5PWow7sp5cbgI0l8-Uwm2erFM4pZQjsiAIecfT4UvE-nVh_lpuQ0ARCz7nWJfUR1ahiun_A5eFoUV1QisQqnppBTOmehbigjIYroH7z-FQgxFvGK5LFxE0Y9Lvcui5o58GzB7_rtlh29R_HJdE7OTjO2wE_5IxRrjqFyGwIs4V15h4beHWoYdIhHa3IRDtX6s_A1&cid=CAQSTABygQiD2O3MUtzy4cF0G4Sgypy1YKKYzJRFRp9njnyPGBUCIVFZtFCN0270eOhoGGiZKJ_7HajkWIzG7lJcfWmX-UG252pv6yj1L3gYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=8197688588119540000&adk=356101037&idt=206&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56a505af5071efd1bb8d1f5fb6c6496819d9ca927bb72670a849a8425d83b550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35974
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame ABF6
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:26 GMT
server
Kestrel
server-processing-duration-in-ticks
386191
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2144473855&t=pageview&_s=1&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D9%86%D8%AC%D9%85%20%D8%A7%D9%84%D8%B3%D8%A7%D8%AD%D9%84%D9%8A%20%D9%88%20%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF%20%D8%A8%D9%86%20%D9%82%D8%B1%D8%AF%D8%A7%D9%86%20-%20%D8%A7%D9%84%D8%A8%D8%B7%D9%88%D9%84%D8%A9%20%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%B3%D9%8A%D8%A9%20-%202023-05-07&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1435645071&gjid=1506259818&cid=1104036331.1683472525&tid=UA-230085360-1&_gid=1033765419.1683472526&_r=1&gtm=457e3530&jsscut=1&z=830156142
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BBBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYkYPo4gEwAQ&v=APEucNVSWz6pb8gj2ai6cATrL4H7JbtTwj0Zruydl0Q0mI9KxeGYI8VkYnXfOU0lDMWFwcO26bcH5qRSvFADecbm4aVhy6N_H7a3pDJtNSNEtrUMNp0Vz9-NKA4SrhxsaDx9imr0Pi9dbjK5VEIf8Gq9OFcgrI9L5zsQImgDyrY2MnmMWZQ6E7kL1eNO5n98fcsjBKs2pnQ_vzf1mqOIqh9DGlC76wqijw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BBBE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFfAjoiH5EY1-Mh6.yYiOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYkYPo4gEwAQ&v=APEucNVSWz6pb8gj2ai6cATrL4H7JbtTwj0Zruydl0Q0mI9KxeGYI8VkYnXfOU0lDMWFwcO26bcH5qRSvFADecbm4aVhy6N_H7a3pDJtNSNEtrUMNp0Vz9-NKA4SrhxsaDx9imr0Pi9dbjK5VEIf8Gq9OFcgrI9L5zsQImgDyrY2MnmMWZQ6E7kL1eNO5n98fcsjBKs2pnQ_vzf1mqOIqh9DGlC76wqijw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BBBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYkYPo4gEwAQ&v=APEucNVSWz6pb8gj2ai6cATrL4H7JbtTwj0Zruydl0Q0mI9KxeGYI8VkYnXfOU0lDMWFwcO26bcH5qRSvFADecbm4aVhy6N_H7a3pDJtNSNEtrUMNp0Vz9-NKA4SrhxsaDx9imr0Pi9dbjK5VEIf8Gq9OFcgrI9L5zsQImgDyrY2MnmMWZQ6E7kL1eNO5n98fcsjBKs2pnQ_vzf1mqOIqh9DGlC76wqijw
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:26 GMT
AN-X-Request-Uuid
4076ce97-254c-43d3-9fed-29a5b554f10e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.143; 185.213.155.143; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BBBE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYkYPo4gEwAQ&v=APEucNVSWz6pb8gj2ai6cATrL4H7JbtTwj0Zruydl0Q0mI9KxeGYI8VkYnXfOU0lDMWFwcO26bcH5qRSvFADecbm4aVhy6N_H7a3pDJtNSNEtrUMNp0Vz9-NKA4SrhxsaDx9imr0Pi9dbjK5VEIf8Gq9OFcgrI9L5zsQImgDyrY2MnmMWZQ6E7kL1eNO5n98fcsjBKs2pnQ_vzf1mqOIqh9DGlC76wqijw
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 15:15:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.143; 185.213.155.143; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1f1bda13-0bcc-4b22-b5a1-840406247a87
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69CC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:01:02 GMT
expires
Mon, 06 May 2024 15:01:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7321
783 B
998 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6be762fe864f873157d12e6a7a4be396442a89cb338ef859517fe51c0346893a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7cogdyNtv6QhKxCc7ViD5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-7cogdyNtv6QhKxCc7ViD5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:26 GMT
expires
Sun, 07 May 2023 15:15:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 44B4
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
9008
x-jsd-version
2.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1198
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 44B4
171 KB
54 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c618d0210f46e9b9c6decff2ab712bf2f64546b3ac7d25e59996d3106d7adc32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
26540
x-jsd-version
2.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55083
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
etag
W/"2acf7-zjDh6eFmUFvA+lQTGAEaiWfu5tM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 44B4
30 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
28143
x-jsd-version
0.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10804
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame 44B4
470 KB
131 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
1002413
x-jsd-version
0.4.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
133477
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
64cd2a7a31acc6b73923aaabf76d1a73.js
www.gstatic.com/mysidia/ Frame 39A7
8 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/64cd2a7a31acc6b73923aaabf76d1a73.js?tag=client_fast_engine_2019
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 13:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3655
x-xss-protection
0
last-modified
Thu, 04 May 2023 21:06:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 04 Aug 2023 13:19:11 GMT
3c7bc67e43deafbdafcccb3e8a106a20.js
www.gstatic.com/mysidia/ Frame 39A7
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c7bc67e43deafbdafcccb3e8a106a20.js?tag=core/multiplex_design_v1
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a241bc01e849b11d05bb225493da496db735e76db3d7f12328cb540aa3150f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 13:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4582
x-xss-protection
0
last-modified
Thu, 04 May 2023 21:06:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 04 Aug 2023 13:17:35 GMT
css
fonts.googleapis.com/ Frame 39A7
4 KB
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 13:47:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 15:15:26 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 39A7
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
50da30fc7121112b7739a204897bd9d4.js
www.gstatic.com/mysidia/ Frame 39A7
21 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/50da30fc7121112b7739a204897bd9d4.js?tag=exit_2019
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c82aa8a9663debdb09913ac5697565bf429cf25d4434366fa73826215c67add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 21:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9080
x-xss-protection
0
last-modified
Tue, 02 May 2023 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 21:47:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 39A7
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
76768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 39A7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 39A7
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39A7
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EAB
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2543424880906&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EAB
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2543424880906&version=m202301230201&ct=76&x=1&cor=2437182027386386400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4EAB
15 KB
11 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7fqjt3mq1jd8WDId07fnHZ7XY7wGDLnparhChmRrQUtVW-DfXfu_w8sSY0_O9YLJPZQDnCsZ3pA2qJkJgvPUMbwPF2Tym_2WbFUrhiuFYeMEH0q5Fa8v2MqLFWFlLYl7E1h8u45enxpc9QeuKNpdOYsFTX9WzUW1KI_cv5BQLPcv8Vrc&cry=1&dbm_d=AKAmf-CZsSGjPAYPYACsxSilsHlBjL5Be-1gShMur64SueCyJTOTAIGLeiexoWr8pnJbQzBsHwExnYsZlXIxbDXHy7YpQAu6prYkQkpgS2UvJEJMOar0iP3FgeVOBgu7kcXzXzddbqBDLTm2dJVFYrdf7r2P2PcQ9zB7wmPnf-aosRqx90JeKiHYkL2k-TheBJ-NEMZirzbuf_nuqBXDcWNeYWNsj45wJopAPUTAfkFwmuvKryz4WlMfPYZaUiftPykGI29X1S4QcPljXvOxoDNbhHq1OXtJhjoMcu_7FijIXy2-VJJuVnO6yYIgzBy87CnDekvWxG_OPEG9eWGH-p5DjGwsFaNPExlLHppl4D6aXt9uOoaRmdZ52ixJ2Z3WPqC4OO-hnGQM7U7djZm9UZUUgJ0ENmHYXtFeMKnCsxvop1JLmbsywUn1wKOdNqOFN0_L8FZS4hscb8Uve6HRMPx2moEHMtKwHDdnNjnXOXzihUYsmH1KEXj03Y9kYbPVINrANv8lMbTr8WCcI87bA60H2r2QM5wp_u3bj_ENL4i2RhLiU9TJhvKW_pbMdSPNpu0JEoSTjHGWrfjZhWljdrZCLD693dFmw4aVReR2hJOdzp9MxMF4FvSSY11kZDiXqqP67_dGPvCRApQtko1ceMTgE1SNsxU0fMhT9GKSIa48u9WygwUAMIJTodGSitjYG8LblSrMYhXjFaeo9c8jvM5WBoiVlLQy_wuzwAXkrChI2WwiU0BnvNN0FKyEWU5HJ9xfGYeDHkmAF1eGEK5-Wecn35vI0yi57OJq9aqgnF2Vsx07FUIq0DQw7q2MOOnjAZ5e70SqTfLY5Z2XO_mAnVb8G0nb5FUazmhWnV8cJrBdopbbJXZOLVAs02QHjYJ3-PguVd5iDwwVSI0YmB9UPL3827qUgvc7MyoSnoCpfUT7hHoo4AvLhdxIvrva1zP7yXUym0hDOKwYBePVs7xvy4sfRrzdh75-2QM7n5W58wzMRnfywVWqhP5gdE-Jt9KgSrvkei3BLt5Q_COnAQoVJzmRxky8MW12pUb1NBKHRi75d0vRnE-Zd-6OxHoJlqUtaFAlXXSQLjpenvABm4wXXdnEJKMzAqqun85v6MuumGS49CeApAVfzRliIIz2xzIjtS4aWDGovVYaMG7hWIls5Fa_eRy9GNoPfq04PIv-S_GqhHhuypqAmHl_tqkZwh34s9IjhXzQYBlhWh9PrkC2AFim-XW7LzaI4D21uHn3MUd5XQMTIROQ3n1fov42oSDj6smAbU2YjmCNlUG1AWwHJj2x2jT7ERSvAH82sH44VCFSaXxCNo8N1zF4jLMQDormFMo_jXr5SmKA0EHMbxWXMwnq8DX2HR6Ap4OHAz6WWe36JXAPmORfgB_nhIohHFVeS1n-PoDwXpPMiQf6wpPa3Jl7o8zTwSTeCB4PKak0-UaW8jrDCQtIw7yI0qJBO-PQiA38p4BwII6zxSEObxQJIVdQn8a1-tKvC3avcz7oDm_TDYv_ibrdG2DXoFJgxkAtCGtW20pIFmtd5X1ktC2kkDbmQGC6fKJuDWRhGstShO0H8mq1dlZjNAksruF-u5f9Pc9HY_Kd-CWWDDxsq7AEBLvGg5AgI_P1w_n6Q1khtM5xKBBwpeLOsXf_NZSe-WF-o6O06eW8X5Z7V0dXRSrHGIbjOPK-23OsNygu-y0FBH-W1tv7PrMxdzfulpXv4Mbw6qKkQ-N2S6bkNEzAuz84Ka9qzVCA6CyQNDXspo82larBmulnz-_CBtau5YeqPDqaqqBQPBHGdgMruZukMC5vim5uU3SJC-d98hKf4Zs8VtQ7xDhXXVoMgo45DeAPaW1Qk4bYK_Nc_NOf4g4yr7lHsRysGJrvuQ8G9gmSAdT9aoGfEZhU649Bo69agFwFNAURCm0G3H3YzvSR8WfKzwYcny6N5z0NWVahV_WaBZRzdla7PReDN7-FimjAUmQnn2MyHs3b77CDzanh4c9TmAG3ifagXWDcoyqb_B3DpKi3wbmG_g4965SaffiWqE7WlN0FViHXF7hm2gVZYZBObnMdH2a2UjiwXptrbGQQfaHhoLYoT1G2xPtQlyjYkYwPI_UDHzBLwH4gikbUO6RopxE5tX8mUyD0fnJeF5kPB9fTB9M9tSvLiTjyMlRkkpV8bx8OjpImb0gA46oNFh5EIXo2kdPGJiXpRopcLbSr1L9v1aYAIMlDSV5u3_gFvRK1_RmiOb21TKQ-1xkJ-vMuiP4erwEyaQdkY7S-RgkCqYGL8Go8IFCH23hc-lZ6zfs9jCTAmmgi7yAHiE0CGf-yCKwEFwirMOeOLkkj7zr-Duf4vCPyo8MD_9kuYeaKB8pcIazYOONe7pueIE8Tj1lUJqxiUkSLvy3JIOF4OK5SRFvBmrBHxLsJolLw1mJoKtLfzVgff2TDxq8mifXFhWvQvELKtfqJFhRk1g5joH7iGSP4zGG09Fau6zpASqg4Q1OHSZ6fjumzBHQaPCapiLUwyanjvgI3n8B21oQaphSBILfB3W4dZ8fJpRj_EZNdZqQOEqbkVjJIQYCPcCjNDdqWnNVZRj8j8g8hnOkHd7j5OgalQ5PdIH158MWOQBlg3vvQSfWgW_6I3KdAT5PjknAFi_XHpdloLaTojc4dkf35mc0Y29mWAPZQkf-Frz0AFEwRGV5WhAI8zHu6S1vMtjg2NZeChQk0l8nL4GwJ7ila3UrUjD4QzgWg54zdMXvKeacJrdDRj2EPM4rDRv-9yc4H7IWGToPEVY4ZyhhxArrh4yi4ZQt8zXc207SGz-cTDkw9ere7H0D5jjBBLjnXchOjMjp7oefaWqAw2JZgNFW0TUHdzuVWGd1y0Lh9JEcIdIJbzSNaHlx37wUaLI6LhFwwP_WBQWbuGAdt1EPjnOXYrybHA1FE_t5ETe4RagHrqtPP44OFt3dRq7g6tZg9zpZWlRn2ssGNuMDWrhvb4UpOdt2dbNp5tmHlbvVwuS6mZmRdtd1xnOFUgZgGWK9fZpGliRVAW_0uwjOY6n6HJHDlNAV40Epa93kH3wM-d4qklOpDf9eCNZgRbhd7i4U7C5lkUb9X4PK3t1K9pgV1HA&cid=CAQSPgBygQiD7tQ4j5N3su8Fdei-E_uF2WlX_1tCcyr083Sh9g8bohwo4C65Zp3WSPPonKNf9mNyS8LYL-VW-fSvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=2437182027386386400&adk=2124396030&idt=143&cac=0&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53f6e4827153b22f45f2f2a6c50695e1eccd218ad81b3256e6cbc0c995fe3eff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11086
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame ABF6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=6K73IXxsenh5ekdEbDkySHRuOXdFM2ZOejlSejdDdC82cFNtdUFSZFJvWGlNRGp5YUtrdnVOQ0E2S0hmWXF5V2ZLbTZWUGhPQ0JYenM5eXphQko5TUpzdXBWL2d6S25KSzBzSjFtSUlaSjVQaERuNWoza3NhNEZ3N2NQbW...
433 B
660 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=6K73IXxsenh5ekdEbDkySHRuOXdFM2ZOejlSejdDdC82cFNtdUFSZFJvWGlNRGp5YUtrdnVOQ0E2S0hmWXF5V2ZLbTZWUGhPQ0JYenM5eXphQko5TUpzdXBWL2d6S25KSzBzSjFtSUlaSjVQaERuNWoza3NhNEZ3N2NQbWRHSytZTDNOT2hURHNHRnVPUTVKb25sSXk3WDNYQ0QxOW5aaTlkN1kwaWJHRXNxRVZJNTI5YXZMUmdqVTVGNTBXaW9TN1lleTRYb3JQTEN4Sm91amoyc1B5d3BwM3YzR0RISkdWR0dabkpRdyttcDR0V3VneVdTVUI4ZnZFZzlvVjFIanduRXNJMGg4RG5ZenRPZHdsalR6K2lYYjlpQT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ffc7509b7ef4b814bef8d9dc2338fb494a1ea272e17b55421408a433c8ce4a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1473182
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=6K73IXxsenh5ekdEbDkySHRuOXdFM2ZOejlSejdDdC82cFNtdUFSZFJvWGlNRGp5YUtrdnVOQ0E2S0hmWXF5V2ZLbTZWUGhPQ0JYenM5eXphQko5TUpzdXBWL2d6S25KSzBzSjFtSUlaSjVQaERuNWoza3NhNEZ3N2NQbWRHSytZTDNOT2hURHNHRnVPUTVKb25sSXk3WDNYQ0QxOW5aaTlkN1kwaWJHRXNxRVZJNTI5YXZMUmdqVTVGNTBXaW9TN1lleTRYb3JQTEN4Sm91amoyc1B5d3BwM3YzR0RISkdWR0dabkpRdyttcDR0V3VneVdTVUI4ZnZFZzlvVjFIanduRXNJMGg4RG5ZenRPZHdsalR6K2lYYjlpQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
340970
content-length
0
expires
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2D54
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame 2D54
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTqlAaC-zIrPRqwhNDd1NxWqBiyEq3OddsW2ab_Mt_OkujJ4EDdRtrrJ8SKhaNSBQpFs5Nxj046hl8P0f0T9LwWbJESA&cry=1&dbm_d=AKAmf-CxoDl2dIGWiXjZDhnY95giNCP42epsWCNxkALOyO1YpbRBfl2X0VDQXC4ww9iaWM7v5HuBc622xaL0h8G2zfakKjPGsf3myWXXotqjZtr0ultAQz9hrjsEQj8lQMK4P3JfwmUfqZsuaLJPPuC5yIx0RrnQQ2linsAMkHug0Evjoi_hLV1jAZeX6kiWmXN2BftsMe97_se0cMAx0Z2MtDB5DKPCB075euqw_dTMjOKWnMtsIxLn1c2Dc60FNhOOEY2T2z385h2F3lfv2h2DKM4Ee8EK0da3Us3et84ZPQR7AVcnHUmsKkL4Ddhg8iKC1CsaUdXvzTno1vp1GwB66Maox11tRTHtkD1Wt285NMEqzY9MQPec9xiiucS2nBZpQVUMlDJuLJZMTAN5dRXdsckqkbvhoiZGTwoaZp8NMZs3XACGFBY8Jq8lMt8cjIDx0ANvuWYHkTQsB8yFQKujhb8DPfg-WWEa6A9qeQWAKvGTFeLSTPmT2uFPTlSV9pLTSrKU3i11k7OujtpvZ3bEjRDnP7QnScCELf7YzZPoPT_DcZd8xxN_U-OjdQeD5nTMfs_cxDa1SVkwy63WvZsgAZk1YssSQB8dEydRoZ9S5yxXL89H_43HAd-r16-nbIhMK1p12BcBzfZEVqUxKo7j5jhNsL5lSK_zEbmVSSpmyUf1KC8B5SY3_tv_MyL6dZK3-JJZIFu80fLnBFFWnHSmbZ82J9KIZzhaxnurVfrh8iX_Pvw6F3Vf4KUhiu-XFBHL56ReZ0ROce-9B9dnbpxRVamPcG9vhoQU3z1g0mTSjDZzl_dutpQKMX34vG0OtXFguys8Blhtsz_m663xeaAZ7HF2eGAOqmzFnlOrVVI_6USrS2Xsf6HAtE8GWTK2zx37kzfwKbomwjnq9wo8j9XpTBix4z98Zz76PmcjgcEdGXjUksjrjnvxIImN6ZSoIJVCFu1IRd-9BY2264bquzSf79-c9TyhfgU9dNBx-OQxcTdVGXwNMpomFDKg4sJW8uUL0QLTmzE8kZSine8UfGbpmqap-29oH6wB576Jmprj8AYiv4X853RUOv1dmHyqiwpPP537CqvqjQcTiOv0vdp1gFXOQMgAkVD9iyVc5lDvPUGrvuEEj0BKLNFjkqtykOabX7w0V-UCoOoTKGWD9eYKXirjK4c4RGjDtjhXMbxaD5IVa4GT0knYe7Zx5YIa_FONuu5d43F_dT8EDrr5upavi9KjgpssHHvwHN8xOeepLEwlHDhsmI6494pqQ9RodZNAO2Q94601WQLTGP4o2khwPodGwvAUM_UsGrdl-b7d-x7UDd0Wj2SXgPQQ0pVgiKdXsiJFYY833oygqY7a8LbXw3q3mJMKqi9YYFDq-Sh86aQOZZWJg6fqh6RO6zWQyVmCK_rc_yHjFEjagZtKc6ADBq-rebugXRQzSbLW1MUKUnVRsi3FikuS5gj8QkrKuN2FtsvqMDt-IKGwwBeBy2Ma5dLJFN2jIuOXxQ1C_JCd4L5A4oSQubS6RHOsuHuE1M56ZggHUSOv9ssWQ_W00f5HEFCaUL9lemgcnHcYu6bB8-NuVI2zBt2-Irk3QZzQcuO3hynytMcNqKWTjoQZqbDG4GPSDZJRpMrUPAuU4seXDEmhsZ1zYNDVgw3JTFyiTWCp71fM4cdevE9vHY-LbL6sbqo12K6z8Fir-V22DvGecUELxSFOflvZF6zLrzoIg8RTlnKKIaHaFemjVErG9DvjZJGJZUHQvgok-vjrLiO1jQ8O_HCODaU1OJMU6i8D-sBS5npfUUb50ot-iE_nupl25IhCZXB5JY6QulcTid3MQwhcZZm2s92u3g3_TppnpnTYkwcQnF6Rfpm_7KVtD8O1Oyj87geOEQ8vYQ4xBpuQHByjg5_irg3eOomy-h1jo6zISprogSJ9NzP8GhV_BUwOOtdPF9vdPu_K62zdg_HjuQHlFAcMm4X23twPyTfAv3k6wbKTNJSvNxc3Djmr26KmMdSDUXuQXkygsko8ioFetTwHL9S2N08t4blAfstYbNxuX32UaAEFuFgck131UQSUlBFaWJiKQBuUPwoK3zhrtLDSRffpp5wTUAV8_62q2ntLcGnEPKCJZebwcntGNwRW6RJXLlNIuVxD6HHYyCtzHJDsOLwp2o-PiwMTVeVwc5GGCyYJIZ6snoxKcKfa16XR2BWyIMWZbMLusfk_sszojALWrpmWEsO7H9WT2-uzF-XoOQCrArHEoJevM4Q2kk-2JjcoZ_e_S2Pq63utLpz70wSkETIVkAqbULBY7Pp6r3ZYXCoLTU3BqetKgxgkfnosOjgOwEYcXtaw1Y8zeTlkLHLJxdbki_WA32hcJLgDJK-VWg7z07mukQYB1T9DooePwQDYR8R9zWDhOkboxhhG3t2jqfw59fRvDeYagdoTPxrQOxuE6-AvRlx4XM-T9kGYjSGhIJ-F3UvLzmcBttwmAvmc7et06QoZRGTaxu5DkcKvefSqar2JvLUqo1TT6oplu1oH3h8qz1BEpaBfpjm8o-dIja0oL6eJIzf17YJ2VsyzW3beCIbtACpTgMnCyrg2n0N5njXdCGHtNINezyk4LEty_lY8uwMZSOXUMK3IY0pdDTRQB3mJckoxx4twIYNJ_sFkoeU4K530IFkDiXkT1eWgND6QWYdFku24CosFr4ETpi2ArZzp7tx8ZRi-XgwoabokkmdULDODXaBjMWVsqx9xHrGrtqTxoAo8aDfaArkgjeTcAMCStuFtFBTbhDtXMxx3yNcI8CeX5VF9uKYfHi4xFeMByJBQmv5I37VEXPj5sgoBITZskJGUrQf_M4pprWN6j1Xx1JfhrY4kUwK9LCmZhXbwOwIvZc_PnEYT0SLp_eyh0EtIlifrJW9D6VUOyRMeay2S2z7RPaXM3t1a1Trms8t7--i5lSQ0EgrgVanr7GFveZ42OVDGeTq6X6DYpTZNyVC-GHqBk4CuxxnwfqVjk_J5qjoNu6MiMej-9zeAM3B7dsSM8hPQqZxTKRZbdiwfZCJ_jeM3bx38eYEB6g71HgrwD7kBJXh2fJHAmcJIjCWQkkTXpLP7ERc8ayOOoLMsj2rYy7oslPp0KNGQZz1bL_ZGYWKtVUc30fgQapV83lv-JaefuojkbnG51RixxjAmv4daleFc7HlaulPZVF_t3QBQcw9IC67JbNo1g4A87YHmRIK1zG9Q89U7INgjw7QtLn5vJPm6G_gooVyk7C-fPD2GUt2IY5vKfrMoEKOek6n5wgY3UXFELibSJuqQsU1BmPLt_woKbjNvz99o1mAT2MPBGTYgbYUv1xRRvmjsN4a9hmvhIj2_mJZSp70dXdyiJkgg1ZHF_VBUTFsk4K0-UBIvoOTY3JeJ0ZPwDn4ddXBUrFdjQtboejHZ2xwQKkx7UjyIKKFaXyucmCYEHiSSoMf69_i4K2qOUxKnext25vq9pwbvn9NNRKaTccJDab5yqyKIFT8d90by7CvUVwSSDeBVQfIXGZmRqdoMkg5SDGUN5PWow7sp5cbgI0l8-Uwm2erFM4pZQjsiAIecfT4UvE-nVh_lpuQ0ARCz7nWJfUR1ahiun_A5eFoUV1QisQqnppBTOmehbigjIYroH7z-FQgxFvGK5LFxE0Y9Lvcui5o58GzB7_rtlh29R_HJdE7OTjO2wE_5IxRrjqFyGwIs4V15h4beHWoYdIhHa3IRDtX6s_A1&cid=CAQSTABygQiD2O3MUtzy4cF0G4Sgypy1YKKYzJRFRp9njnyPGBUCIVFZtFCN0270eOhoGGiZKJ_7HajkWIzG7lJcfWmX-UG252pv6yj1L3gYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=8197688588119540000&adk=356101037&idt=206&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
76459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:01:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 2D54
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTqlAaC-zIrPRqwhNDd1NxWqBiyEq3OddsW2ab_Mt_OkujJ4EDdRtrrJ8SKhaNSBQpFs5Nxj046hl8P0f0T9LwWbJESA&cry=1&dbm_d=AKAmf-CxoDl2dIGWiXjZDhnY95giNCP42epsWCNxkALOyO1YpbRBfl2X0VDQXC4ww9iaWM7v5HuBc622xaL0h8G2zfakKjPGsf3myWXXotqjZtr0ultAQz9hrjsEQj8lQMK4P3JfwmUfqZsuaLJPPuC5yIx0RrnQQ2linsAMkHug0Evjoi_hLV1jAZeX6kiWmXN2BftsMe97_se0cMAx0Z2MtDB5DKPCB075euqw_dTMjOKWnMtsIxLn1c2Dc60FNhOOEY2T2z385h2F3lfv2h2DKM4Ee8EK0da3Us3et84ZPQR7AVcnHUmsKkL4Ddhg8iKC1CsaUdXvzTno1vp1GwB66Maox11tRTHtkD1Wt285NMEqzY9MQPec9xiiucS2nBZpQVUMlDJuLJZMTAN5dRXdsckqkbvhoiZGTwoaZp8NMZs3XACGFBY8Jq8lMt8cjIDx0ANvuWYHkTQsB8yFQKujhb8DPfg-WWEa6A9qeQWAKvGTFeLSTPmT2uFPTlSV9pLTSrKU3i11k7OujtpvZ3bEjRDnP7QnScCELf7YzZPoPT_DcZd8xxN_U-OjdQeD5nTMfs_cxDa1SVkwy63WvZsgAZk1YssSQB8dEydRoZ9S5yxXL89H_43HAd-r16-nbIhMK1p12BcBzfZEVqUxKo7j5jhNsL5lSK_zEbmVSSpmyUf1KC8B5SY3_tv_MyL6dZK3-JJZIFu80fLnBFFWnHSmbZ82J9KIZzhaxnurVfrh8iX_Pvw6F3Vf4KUhiu-XFBHL56ReZ0ROce-9B9dnbpxRVamPcG9vhoQU3z1g0mTSjDZzl_dutpQKMX34vG0OtXFguys8Blhtsz_m663xeaAZ7HF2eGAOqmzFnlOrVVI_6USrS2Xsf6HAtE8GWTK2zx37kzfwKbomwjnq9wo8j9XpTBix4z98Zz76PmcjgcEdGXjUksjrjnvxIImN6ZSoIJVCFu1IRd-9BY2264bquzSf79-c9TyhfgU9dNBx-OQxcTdVGXwNMpomFDKg4sJW8uUL0QLTmzE8kZSine8UfGbpmqap-29oH6wB576Jmprj8AYiv4X853RUOv1dmHyqiwpPP537CqvqjQcTiOv0vdp1gFXOQMgAkVD9iyVc5lDvPUGrvuEEj0BKLNFjkqtykOabX7w0V-UCoOoTKGWD9eYKXirjK4c4RGjDtjhXMbxaD5IVa4GT0knYe7Zx5YIa_FONuu5d43F_dT8EDrr5upavi9KjgpssHHvwHN8xOeepLEwlHDhsmI6494pqQ9RodZNAO2Q94601WQLTGP4o2khwPodGwvAUM_UsGrdl-b7d-x7UDd0Wj2SXgPQQ0pVgiKdXsiJFYY833oygqY7a8LbXw3q3mJMKqi9YYFDq-Sh86aQOZZWJg6fqh6RO6zWQyVmCK_rc_yHjFEjagZtKc6ADBq-rebugXRQzSbLW1MUKUnVRsi3FikuS5gj8QkrKuN2FtsvqMDt-IKGwwBeBy2Ma5dLJFN2jIuOXxQ1C_JCd4L5A4oSQubS6RHOsuHuE1M56ZggHUSOv9ssWQ_W00f5HEFCaUL9lemgcnHcYu6bB8-NuVI2zBt2-Irk3QZzQcuO3hynytMcNqKWTjoQZqbDG4GPSDZJRpMrUPAuU4seXDEmhsZ1zYNDVgw3JTFyiTWCp71fM4cdevE9vHY-LbL6sbqo12K6z8Fir-V22DvGecUELxSFOflvZF6zLrzoIg8RTlnKKIaHaFemjVErG9DvjZJGJZUHQvgok-vjrLiO1jQ8O_HCODaU1OJMU6i8D-sBS5npfUUb50ot-iE_nupl25IhCZXB5JY6QulcTid3MQwhcZZm2s92u3g3_TppnpnTYkwcQnF6Rfpm_7KVtD8O1Oyj87geOEQ8vYQ4xBpuQHByjg5_irg3eOomy-h1jo6zISprogSJ9NzP8GhV_BUwOOtdPF9vdPu_K62zdg_HjuQHlFAcMm4X23twPyTfAv3k6wbKTNJSvNxc3Djmr26KmMdSDUXuQXkygsko8ioFetTwHL9S2N08t4blAfstYbNxuX32UaAEFuFgck131UQSUlBFaWJiKQBuUPwoK3zhrtLDSRffpp5wTUAV8_62q2ntLcGnEPKCJZebwcntGNwRW6RJXLlNIuVxD6HHYyCtzHJDsOLwp2o-PiwMTVeVwc5GGCyYJIZ6snoxKcKfa16XR2BWyIMWZbMLusfk_sszojALWrpmWEsO7H9WT2-uzF-XoOQCrArHEoJevM4Q2kk-2JjcoZ_e_S2Pq63utLpz70wSkETIVkAqbULBY7Pp6r3ZYXCoLTU3BqetKgxgkfnosOjgOwEYcXtaw1Y8zeTlkLHLJxdbki_WA32hcJLgDJK-VWg7z07mukQYB1T9DooePwQDYR8R9zWDhOkboxhhG3t2jqfw59fRvDeYagdoTPxrQOxuE6-AvRlx4XM-T9kGYjSGhIJ-F3UvLzmcBttwmAvmc7et06QoZRGTaxu5DkcKvefSqar2JvLUqo1TT6oplu1oH3h8qz1BEpaBfpjm8o-dIja0oL6eJIzf17YJ2VsyzW3beCIbtACpTgMnCyrg2n0N5njXdCGHtNINezyk4LEty_lY8uwMZSOXUMK3IY0pdDTRQB3mJckoxx4twIYNJ_sFkoeU4K530IFkDiXkT1eWgND6QWYdFku24CosFr4ETpi2ArZzp7tx8ZRi-XgwoabokkmdULDODXaBjMWVsqx9xHrGrtqTxoAo8aDfaArkgjeTcAMCStuFtFBTbhDtXMxx3yNcI8CeX5VF9uKYfHi4xFeMByJBQmv5I37VEXPj5sgoBITZskJGUrQf_M4pprWN6j1Xx1JfhrY4kUwK9LCmZhXbwOwIvZc_PnEYT0SLp_eyh0EtIlifrJW9D6VUOyRMeay2S2z7RPaXM3t1a1Trms8t7--i5lSQ0EgrgVanr7GFveZ42OVDGeTq6X6DYpTZNyVC-GHqBk4CuxxnwfqVjk_J5qjoNu6MiMej-9zeAM3B7dsSM8hPQqZxTKRZbdiwfZCJ_jeM3bx38eYEB6g71HgrwD7kBJXh2fJHAmcJIjCWQkkTXpLP7ERc8ayOOoLMsj2rYy7oslPp0KNGQZz1bL_ZGYWKtVUc30fgQapV83lv-JaefuojkbnG51RixxjAmv4daleFc7HlaulPZVF_t3QBQcw9IC67JbNo1g4A87YHmRIK1zG9Q89U7INgjw7QtLn5vJPm6G_gooVyk7C-fPD2GUt2IY5vKfrMoEKOek6n5wgY3UXFELibSJuqQsU1BmPLt_woKbjNvz99o1mAT2MPBGTYgbYUv1xRRvmjsN4a9hmvhIj2_mJZSp70dXdyiJkgg1ZHF_VBUTFsk4K0-UBIvoOTY3JeJ0ZPwDn4ddXBUrFdjQtboejHZ2xwQKkx7UjyIKKFaXyucmCYEHiSSoMf69_i4K2qOUxKnext25vq9pwbvn9NNRKaTccJDab5yqyKIFT8d90by7CvUVwSSDeBVQfIXGZmRqdoMkg5SDGUN5PWow7sp5cbgI0l8-Uwm2erFM4pZQjsiAIecfT4UvE-nVh_lpuQ0ARCz7nWJfUR1ahiun_A5eFoUV1QisQqnppBTOmehbigjIYroH7z-FQgxFvGK5LFxE0Y9Lvcui5o58GzB7_rtlh29R_HJdE7OTjO2wE_5IxRrjqFyGwIs4V15h4beHWoYdIhHa3IRDtX6s_A1&cid=CAQSTABygQiD2O3MUtzy4cF0G4Sgypy1YKKYzJRFRp9njnyPGBUCIVFZtFCN0270eOhoGGiZKJ_7HajkWIzG7lJcfWmX-UG252pv6yj1L3gYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=8197688588119540000&adk=356101037&idt=206&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10880
x-xss-protection
0
server
cafe
etag
12570010719352825067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:03:21 GMT
config.json
player.adtelligent.com/exchange_rates/313490/
11 KB
5 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8812b1db657ace17061e9b6686f4d5195d72797e52d8e1cc8555bf6b2b268765

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 09 May 2023 15:15:26 GMT
date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
last-modified
Fri, 05 May 2023 12:02:52 GMT
server
nginx
etag
W/"6454f06c-2ac9"
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=172800
x-proxy-cache
HIT
e.js
live.demand.supply/x/
0
497 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Sun, 07 May 2023 15:15:26 GMT
cf-cache-status
HIT
age
76899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1a6e729152-FRA
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
378 B
162 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=2838093072388165&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=7&adks=1483024627&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472526492&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11664752ac3ca2293971d6e68606738c5cfbd9e86edb3c4e73ad3ec113346b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=559855126195002&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=1163496608&didk=3847343502&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472526497&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c316c29d33a0fef282f0b50aa72c9d1cd3a18a888f693d95852425b400abc19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13409
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
138 KB
37 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=1321758983741660&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb17090f6-08a6-4b68-a0ee-9e4e6b306a62&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&adks=4082428376&didk=3642258492&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dn%26pof%3D1%26bsc%3D83&eri=1&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472526501&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65c6d2a8e530ff087f4ad8d7602ee3dfa72d09e4aa0ee6c4f9f6dfaf69baf547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37771
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=2177962982484320&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=10&adks=3798359599&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D1cc3cf29-a297-4e03-a814-57797b2c03ce%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D83%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472526504&lmt=1683472524&dlt=1683472524875&idt=554&adxs=314&adys=2768&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0bc7613aaa734a8f4b8cbf1528d91219465d910871029b138ddf15c27e711b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10179
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 726C
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lhdk2qub&c=6911857991581&slotId=3455928995790.5&qqid=COHl_-6_4_4CFcjb3godrl0P7w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C44776384%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c0c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 726C
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 06:22:44 GMT
x-content-type-options
nosniff
age
118362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 726C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 06:10:15 GMT
x-content-type-options
nosniff
age
119111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 06:10:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 726C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CP-mtjcBXZKHrIci3-wauu734Dv_Oi-Ntu-GlgrIQ5eqrr94BEAEglZvKIWCV4pCCoAegAbH6_-oCyAEFqAMByAObBKoEgwJP0GDKdWGcYm8Jn1zdJfoux92t660HNTzGD5jJyT93kX8XSgq8VS-MMQcXT0tWC0M0gH8BmZsGdvJMeLqyWfcyRqWBShuPmWtBxwc-_MEdmz3Ml451ewu2aHWl74yZDgySjEFi216CBmvj8KlJx675V62JAO7Qo_-uIEEboLBCRPZMEfKBuPLpTO9GShy89ct_hyUy26aoilLjtMlyKdsyhwlCsFtvSvoYMK87BSO2kIBJxPQklHasqtDiJg9FMZogzauGjvSvjML1In06j5ykAdBVPND8yAbmcJePj3gjJOq__iZBC5_xls7OWbafSeu4iKQF_TW_KR5EqVSn0zZVYCvhwATw0rq4lQTgBAOQBgGgBnmAB7eFgJUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGwE8TyyhLQEwDYEw2IFAfYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1683472526520&ai=CP-mtjcBXZKHrIci3-wauu734Dv_Oi-Ntu-GlgrIQ5eqrr94BEAEglZvKIWCV4pCCoAegAbH6_-oCyAEFqAMByAObBKoEgwJP0GDKdWGcYm8Jn1zdJfoux92t660HNTzGD5jJyT93kX8XSgq8VS-MMQcXT0tWC0M0gH8BmZsGdvJMeLqyWfcyRqWBShuPmWtBxwc-_MEdmz3Ml451ewu2aHWl74yZDgySjEFi216CBmvj8KlJx675V62JAO7Qo_-uIEEboLBCRPZMEfKBuPLpTO9GShy89ct_hyUy26aoilLjtMlyKdsyhwlCsFtvSvoYMK87BSO2kIBJxPQklHasqtDiJg9FMZogzauGjvSvjML1In06j5ykAdBVPND8yAbmcJePj3gjJOq__iZBC5_xls7OWbafSeu4iKQF_TW_KR5EqVSn0zZVYCvhwATw0rq4lQTgBAOQBgGgBnmAB7eFgJUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGwE8TyyhLQEwDYEw2IFAfYFAHQFQH4FgGAFwE
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 726C
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lhdk2qwq&c=6911857991581&slotId=3455928995790.5&qqid=COHl_-6_4_4CFcjb3godrl0P7w&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c0c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 726C
23 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BJMlioRs11rozZ_2WNA5s2mR4dQt6RqC9Cb8rkp5VhsMa6fAN_b2-VVuY56-00UtHkZhFmaceI9OYVy4Z7mATIemJC1A&cry=1&dbm_d=AKAmf-Avty65KdFMWuRqJ5h60WM3h-Ek4IbOS6584_YQ2KquYhp_-LRV704ZZMZuBFbiQ0UVGg06GnYLd9m1I3rwGE9Vp0YicGXbBHJ8SD0oTDSU5t6p-5bhPfqPcbdac0elJhHJ5tygS808XOczmpy9Ac2q6pPJlZ1_z_IuS8nO1DCnnH6djxfwVPFugZz8mkUn6jY2nrt23EJBUnfnkmOfClMbu66QLiBWlUugDetRxlbNRUANl_C0PeREVX6a5jA_hZTIbRNQKvmWMXRIcXIMkuLsl9dDj0_907L1_-4PBVQQ67U4tPLE_oBDnKGxs2ifRRJ6KCw5WO3plNKBJZRWOEDHijBnIGnhn749BCHkvGsPOjzKNn9_O4dASNNFI6BYfHnMMYOOtLX2_FU3trXDO__59IRH8B0lnmB0tBEGm1W9yOknUUeU0v4e0q7nrCpxWIjPzxxLFvwmFnBz3Gj2uyHv-sNcvRviN79h_UGgXuo-vR9t_XZqGuRAfz7Obgq8t5gWgGrYyRQQbcYGXmarqt0D06v_sjAzColdsFZIsIsQgxMTqsj-L_v7BraZaTrR4xqVeFnHUCsZoekFFA5By9iZtcBu29mKk7f4HNeXuf3zp6lNan-Ez25nib9D8ZaKoZF0yPPEPxDrccqCBxIu7nLsSQsNwomX5zbGTdWfn_2VwLVOEQvGrqOs8hQtV1Nzt3La7EvO8S23J50XfNQxCWuzA6m_j4Ch2-pB3ldQLLs7J0ap6XOUdfe3tZIhjEDWsvL9C4MMZ7u5FIBs5D3z1w7ESSd7nPeGm2b1F7AGwN1eiHT1WyM_48AaoiObw2FDTaT0qqyjp7ze7D9hE_GvskdTCcuDV2p77Zg3P_mauo8i9jSFF7MH-R5YGjEKFJtx61phci9ZRAg-H_92nSM-k_B08oDjnQ6J5_85X4WvxScid2t4LiWXbgERX-aEbWSxbU8tMc08w7Gdm-pPs0jgwWXvQ3f9mtsHMp47eqe4yimZ463r-SHVtlAiUWCVCKd6zKQ-SxnjCTlSEgt5gMbegGneh4ZCHJKfjKnvcaJY9hLhhCnsaGEBubK6iAr42g79GWYxsdonEYdSBtWfX0h7FP8VQB6erBV29zuuopgd5xEN58-Gn2vNyiBAnz2HNliTkR8RjPAA1AEC8VMCdDUiNE6VH-tTQVZHIbEdA4A2UcyHjxpSwkht-tbg3mYeSLQ6lMywbevKkm-SAm3qsCVyvyqsAX2S1nVL_d-ZEqYNrlyMg4gxnmxzIEqKQ_xdbhxWUapXovJT9wjVJwPGF7d4kB30JzVDJu1e9odXM3LIrSTKm0COqAS8KqwradtUtue97bD1LgdlDngFdXCNQA3xxJiIOqkl-2dYPFytTSGTbLHu9H63iyhxn1SF8EHt_yBnuiQSReKiCtk1agI8--D68j3uakrbEDZwqRyFSlvXrh9jQHOW-eXrBQ8aROtiE0AePkO-kcrtUBXCIcEVq7E97nPPODCtS2LLRiMg-i2PvnwB0nRW2b0OgyUKOLUP95O9F9uWVymJKEey8qsHdoCcMH-jGaAxotmD2XX5nvSTnxY9V0jgSuaHTJWxEgpbsbsSEC-S6Qhe6GmgEZYiHr6DlnMI4vcDryMC1UaWpjwtZGqlDegwPUjTPTVDnpDUMGQoIw3T3hS6cOi9higRWIGJYiwh-aoVYFkfejoUqf-vT6krDiF1QQktu7vd2EepKMNkPN7gbgfPjtZdfoLE0GFQ_xh4K-mK9x1X2hxAi4Dbz2XkqI7eOdN-KzG35IEIMWaPJXaA-gRi4hCmN5j7ZHOg-draMU_eeujif8kCdXFdcvW96aA8NnskJF7AZNaFgc0jE4u2PGNdseL9dE_Pk0DPtCCTEvb5uIWDAWxdpW0oXefvqBNXe44q24U-8B44QCl7Sm0W7d3BY9x892DTqMMcTow4YxJX94uDf_ANBu8jSRwyMCNEHx4GPwH-pvRLjrDdutSdWcY0JEO0bU2hCCAfAgt8GamWf4aW8vGleNWGYCCGnhbB4yBuhPTPUsg5rRv7NMFuR1OmDA18660RiKoFqOBStlW0v5UAwzkgrkhzRrjlatk1mCGUaoFK9rQ7NwRc9NSs1cPqZOP5wYxI3j8Lj1DWirRcLMwalFC0x0mczVGzdW9nnWyi-ZKB8p9yizSdBKcRk7MTufxS1zND8tAD2NarzGrbmLEt6X5-bfWb0DGt6PQm4sqbEyrHwoRIYkK0grr7bttuYVJBYo-UOZRUbstk87_GnyCS-AK-nzTdZ1f3SqUUCaD4TuF-FlFVBUThuu4WpNQLG7S1TSuJQTfTdhCI-Al8UGL2Y6ApywbmvQHxK0aquZ92KRO4ZeDPn6H-P82cGs8pb0dzj1BjVtaI05k_61TWo9aUjRC4zdC5V2xUmKtmC1mAPG0OgZNW-gUmLpy7nu6kdI03aEnG4X8uoKM_ZZJjtabOSQ8cQRmKruelQ1p-Rg-eikh33RzsTqUpNB05QKHplJ2Glp9GEgn8LOCg-EyRFM9-9deCjX7RPT-98KDmVE76x2QZXqeMD5ih7w-sixuOgvHRSHaAh3GSMBjjBqLXeGrYOKsvVrIzY9y3owg84qbKiRrbrvL_IawIT5RRooOGLrNc3tFLn-oHkBCOaoB_mMOkUQIrVRB5Fz_W0ndcd6DwuFlRqPISOSqMCX2tot5BgZVWriuICmQpb4fSUUmxA8o3OJdrDHdcp4Q03G_LoWSIz8aGsdO9SJkX2MXiLpsbpJkFPrUujGHVDpb3SO7QQgkzCuM0nUUNmwgp4fl_TLxE3fuAdMEI1D2ix5JB-2YDbBera22WKwEN5_FjfGNdBHgVlOaDdVm-mzlAygRMTxM0PJ8mwHndfEm-4kjUT2xStwW9fJOtLtKyJ4pJKeSEZNOpCgypTa8lCNeKX8TH3T2B7d0NnubQ_vXTqjosPmfoE0FQ_izNFmR5fN3wR2fs2m7-d3laS4vKBXfnwVAnKz26SDA4YZ-ZXeu1BCR7ifHtTbVyWjHZRQ6wfGSvQZdg6GTGmPJ1QPH3XEZ65z3Mct_wKyBWgLlR4ZAuBextrse8x9BgqpMBMJy0QhGxPq4qAPWQq_kLGPcSi2-lV3Jo-04OCwy9zgzyjvvHqTDs1LfBDRSb7GO6QAB19QQdPxahqi4vHA2b8M2ve630yU-QsDrhdCjXS0Kt5HIMvhumxN06UPyO1Akkf9qavXaEqIx9Wt5dQNW3_pNJaGDSbzv99qdMJtQ_5-1WmvjHLTkGeSaY28fPYP8AshLA8oiDfP2ldPwqUOr4p_Tp2q5EEcP9g-_Ig9EUByKBC1jnHmBfUO8nwDVliU8tbn8WGV2FCc1EgImCoiX7mobbDgAsLPEtZ7_JPSyE2cbN6yBIm-89WFXA7kJo8Wcjhea49I0Qqi2tTRv87VpSan_eqyDIQa9opl2nOVSLfyKXTTcxhjm1CPgLM8GvojM9QZuZgxEehAa0sN8LahXPeqUFrAKPPJYEs79I8z4sMUAjuiiK0E12L8JrLBGHJ-OdmRWphhacAv397q8AoXcsQvSAp0UudXZg5e1IUPYCNRItON7gKWYo20A0aPF8FnT-TZuFSRfHWF4fBQw50XwKgpdnvXfKeISkpSf-Q17OpjNPRXHHEvbmg2m6LaeON7SPluaBqYGH4fA90dLF7sSv2EHQawFC8rIo3s0tv3fxLN8EbFBcgQyQpN2B&cid=CAQSTABygQiDXDpF3XKl3ImYCsaVLM4vQkesqJrJK5wydZizyIqfygfOH_W1DqrAn5keDedKPjYVsc-EqQxlmMZlTc4MQ_xxP5iLOu7F7kYYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f156.1e100.net
Software
cafe /
Resource Hash
a204c245000c3ba978acb089ca42485a40f67e79b4f4ff497531642f14343580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15729
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/
154 B
425 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19484/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e45594ee19f5dee57734d3e58303f6234dd137cac40b8fe367b95049ab5f2f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:25 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.aplhb.adipolo.com/adunit/
43 B
434 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=739813&site_id=17175&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&adid=dk2qup.8f&features=81952&vpbv=N108&tte=741&lifecycle_tte=2206
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19484/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:25 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
localstore.js
script.4dex.io/
483 B
1018 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
243636
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKBKiaTZiJu9qCzQV%2BXs%2BhmruD1QPQTZtrAii6cpDKFxcldyjZiF%2FzhvDsLtIgd7npHP1QRGqzFK2meThZWkKkEJ79875poQXqmiTI4WHIwdFC9D54kF0TYxJo0ylgGhOT6Kl2sMdt6uMoq9"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c3a6b1b3e453645-FRA
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4EAB
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7fqjt3mq1jd8WDId07fnHZ7XY7wGDLnparhChmRrQUtVW-DfXfu_w8sSY0_O9YLJPZQDnCsZ3pA2qJkJgvPUMbwPF2Tym_2WbFUrhiuFYeMEH0q5Fa8v2MqLFWFlLYl7E1h8u45enxpc9QeuKNpdOYsFTX9WzUW1KI_cv5BQLPcv8Vrc&cry=1&dbm_d=AKAmf-CZsSGjPAYPYACsxSilsHlBjL5Be-1gShMur64SueCyJTOTAIGLeiexoWr8pnJbQzBsHwExnYsZlXIxbDXHy7YpQAu6prYkQkpgS2UvJEJMOar0iP3FgeVOBgu7kcXzXzddbqBDLTm2dJVFYrdf7r2P2PcQ9zB7wmPnf-aosRqx90JeKiHYkL2k-TheBJ-NEMZirzbuf_nuqBXDcWNeYWNsj45wJopAPUTAfkFwmuvKryz4WlMfPYZaUiftPykGI29X1S4QcPljXvOxoDNbhHq1OXtJhjoMcu_7FijIXy2-VJJuVnO6yYIgzBy87CnDekvWxG_OPEG9eWGH-p5DjGwsFaNPExlLHppl4D6aXt9uOoaRmdZ52ixJ2Z3WPqC4OO-hnGQM7U7djZm9UZUUgJ0ENmHYXtFeMKnCsxvop1JLmbsywUn1wKOdNqOFN0_L8FZS4hscb8Uve6HRMPx2moEHMtKwHDdnNjnXOXzihUYsmH1KEXj03Y9kYbPVINrANv8lMbTr8WCcI87bA60H2r2QM5wp_u3bj_ENL4i2RhLiU9TJhvKW_pbMdSPNpu0JEoSTjHGWrfjZhWljdrZCLD693dFmw4aVReR2hJOdzp9MxMF4FvSSY11kZDiXqqP67_dGPvCRApQtko1ceMTgE1SNsxU0fMhT9GKSIa48u9WygwUAMIJTodGSitjYG8LblSrMYhXjFaeo9c8jvM5WBoiVlLQy_wuzwAXkrChI2WwiU0BnvNN0FKyEWU5HJ9xfGYeDHkmAF1eGEK5-Wecn35vI0yi57OJq9aqgnF2Vsx07FUIq0DQw7q2MOOnjAZ5e70SqTfLY5Z2XO_mAnVb8G0nb5FUazmhWnV8cJrBdopbbJXZOLVAs02QHjYJ3-PguVd5iDwwVSI0YmB9UPL3827qUgvc7MyoSnoCpfUT7hHoo4AvLhdxIvrva1zP7yXUym0hDOKwYBePVs7xvy4sfRrzdh75-2QM7n5W58wzMRnfywVWqhP5gdE-Jt9KgSrvkei3BLt5Q_COnAQoVJzmRxky8MW12pUb1NBKHRi75d0vRnE-Zd-6OxHoJlqUtaFAlXXSQLjpenvABm4wXXdnEJKMzAqqun85v6MuumGS49CeApAVfzRliIIz2xzIjtS4aWDGovVYaMG7hWIls5Fa_eRy9GNoPfq04PIv-S_GqhHhuypqAmHl_tqkZwh34s9IjhXzQYBlhWh9PrkC2AFim-XW7LzaI4D21uHn3MUd5XQMTIROQ3n1fov42oSDj6smAbU2YjmCNlUG1AWwHJj2x2jT7ERSvAH82sH44VCFSaXxCNo8N1zF4jLMQDormFMo_jXr5SmKA0EHMbxWXMwnq8DX2HR6Ap4OHAz6WWe36JXAPmORfgB_nhIohHFVeS1n-PoDwXpPMiQf6wpPa3Jl7o8zTwSTeCB4PKak0-UaW8jrDCQtIw7yI0qJBO-PQiA38p4BwII6zxSEObxQJIVdQn8a1-tKvC3avcz7oDm_TDYv_ibrdG2DXoFJgxkAtCGtW20pIFmtd5X1ktC2kkDbmQGC6fKJuDWRhGstShO0H8mq1dlZjNAksruF-u5f9Pc9HY_Kd-CWWDDxsq7AEBLvGg5AgI_P1w_n6Q1khtM5xKBBwpeLOsXf_NZSe-WF-o6O06eW8X5Z7V0dXRSrHGIbjOPK-23OsNygu-y0FBH-W1tv7PrMxdzfulpXv4Mbw6qKkQ-N2S6bkNEzAuz84Ka9qzVCA6CyQNDXspo82larBmulnz-_CBtau5YeqPDqaqqBQPBHGdgMruZukMC5vim5uU3SJC-d98hKf4Zs8VtQ7xDhXXVoMgo45DeAPaW1Qk4bYK_Nc_NOf4g4yr7lHsRysGJrvuQ8G9gmSAdT9aoGfEZhU649Bo69agFwFNAURCm0G3H3YzvSR8WfKzwYcny6N5z0NWVahV_WaBZRzdla7PReDN7-FimjAUmQnn2MyHs3b77CDzanh4c9TmAG3ifagXWDcoyqb_B3DpKi3wbmG_g4965SaffiWqE7WlN0FViHXF7hm2gVZYZBObnMdH2a2UjiwXptrbGQQfaHhoLYoT1G2xPtQlyjYkYwPI_UDHzBLwH4gikbUO6RopxE5tX8mUyD0fnJeF5kPB9fTB9M9tSvLiTjyMlRkkpV8bx8OjpImb0gA46oNFh5EIXo2kdPGJiXpRopcLbSr1L9v1aYAIMlDSV5u3_gFvRK1_RmiOb21TKQ-1xkJ-vMuiP4erwEyaQdkY7S-RgkCqYGL8Go8IFCH23hc-lZ6zfs9jCTAmmgi7yAHiE0CGf-yCKwEFwirMOeOLkkj7zr-Duf4vCPyo8MD_9kuYeaKB8pcIazYOONe7pueIE8Tj1lUJqxiUkSLvy3JIOF4OK5SRFvBmrBHxLsJolLw1mJoKtLfzVgff2TDxq8mifXFhWvQvELKtfqJFhRk1g5joH7iGSP4zGG09Fau6zpASqg4Q1OHSZ6fjumzBHQaPCapiLUwyanjvgI3n8B21oQaphSBILfB3W4dZ8fJpRj_EZNdZqQOEqbkVjJIQYCPcCjNDdqWnNVZRj8j8g8hnOkHd7j5OgalQ5PdIH158MWOQBlg3vvQSfWgW_6I3KdAT5PjknAFi_XHpdloLaTojc4dkf35mc0Y29mWAPZQkf-Frz0AFEwRGV5WhAI8zHu6S1vMtjg2NZeChQk0l8nL4GwJ7ila3UrUjD4QzgWg54zdMXvKeacJrdDRj2EPM4rDRv-9yc4H7IWGToPEVY4ZyhhxArrh4yi4ZQt8zXc207SGz-cTDkw9ere7H0D5jjBBLjnXchOjMjp7oefaWqAw2JZgNFW0TUHdzuVWGd1y0Lh9JEcIdIJbzSNaHlx37wUaLI6LhFwwP_WBQWbuGAdt1EPjnOXYrybHA1FE_t5ETe4RagHrqtPP44OFt3dRq7g6tZg9zpZWlRn2ssGNuMDWrhvb4UpOdt2dbNp5tmHlbvVwuS6mZmRdtd1xnOFUgZgGWK9fZpGliRVAW_0uwjOY6n6HJHDlNAV40Epa93kH3wM-d4qklOpDf9eCNZgRbhd7i4U7C5lkUb9X4PK3t1K9pgV1HA&cid=CAQSPgBygQiD7tQ4j5N3su8Fdei-E_uF2WlX_1tCcyr083Sh9g8bohwo4C65Zp3WSPPonKNf9mNyS8LYL-VW-fSvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=2437182027386386400&adk=2124396030&idt=143&cac=0&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
passback_970x250.js
static.adsafeprotected.com/ Frame 4EAB
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70223937/xbbe/creative/adj?p=APEucNVLKfO3C6H8Rt9Tnf2lHHPBABM-xjdz1EM6t-uhwpwWKiMNhiA&d=CokBAKAmf-DYR3Ou9uc6qZqFAessGSQ-m_1BSLBc0aFhZVGLHKaqUcpcfMV9gm-...
  • https://static.adsafeprotected.com/passback_970x250.js
3 KB
2 KB
Script
General
Full URL
https://static.adsafeprotected.com/passback_970x250.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
.AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 16:05:46 GMT
x-amz-cf-pop
FRA56-P5
age
169780
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:56 GMT
server
AmazonS3
etag
W/"094948b2d1170876fb8e76e432d87da6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
LYfYaaOlY5zehMracHzsY-n920tH65K6vajKx6xHPhL-w3ofNf4rlQ==

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
nginx
x-server-name
app18.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_970x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3BEF
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
19697950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CsCHnY0RVzNgrx0xSv8nJ8uhD57jMvIrfC9ED52RLTbJbAY_31Kuhg==
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsGS0,pingTime:-8,time:31,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:31,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&br=c
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame 726C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtnRVjcBXZKHrIci3-wauu734Dv_Oi-Ntu-GlgrIQ5eqrr94BEAEglZvKIWCV4pCCoAegAbH6_-oCyAEFqAMBqgSAAk_QYMp1YZxibwmfXN0l-i7H3a3rrQc1PMYPmMnJP3eRfxdKCrxVL4wxBxdPS1YLQzSAfwGZmwZ28kx4urJZ9zJGpYFKG4-Za0HHBz78wR2bPcyXjnV7C7ZodaXvjJkODJKMQWLbXoIGa-PwqUnHrvlXrYkA7tCj_64gQRugsEJE9kwR8oG48ulM70ZKHLz1y3-HJTLbpqiKUuO0yXIp2zKHCUKwW29K-hgwrzsFI7aQgEnE9CSUdqyq0OImD0UxmiCVqhx7Zz3LUG6T91IeFvCTClWdCv0vrIOUFUeHUCoN8hs7lCTvFzC84Nb8Ml1JSkAtjSnlrDq7dtXWuo7ahy_ABPDSuriVBOAEA4gFooWY6kOSBQYIAxABGAGSBQYIGxABGAGSBQsIIhADGAFI07rMAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGeYAHt4WAlQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDYokIYi5vg0QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBsBPE8soSyBOP74ThA9ATANgTDYgUB9gUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=c3CEL0e_AAQ&uach_m=[UACH]&cid=CAQSTABygQiDXDpF3XKl3ImYCsaVLM4vQkesqJrJK5wydZizyIqfygfOH_W1DqrAn5keDedKPjYVsc-EqQxlmMZlTc4MQ_xxP5iLOu7F7kYYAQ&vt=10
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 7321
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305020101&jk=1203810382951121&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

prebid-request
onetag-sys.com/
15 B
363 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/
0
268 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c3a6b1c0bf81da4-FRA
expires
0
bid
ap.lijit.com/rtb/
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6f072dba163631bf0536bd94e0e905652b1c0207d3e4afc614d7df6ac9baa192

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 May 2023 15:15:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/
23 KB
10 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=11688957370
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
05166e50481d270feaee6c9725a26855a59edc80f329be85ac28208fd11999ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10414
c
prebid.a-mo.net/a/
0
170 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 07 May 2023 15:15:26 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
truncated
/ Frame 726C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1aa95e94244543e909b23ee3975c0b4ded9cefe20557f99d6b823b6170886b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsGTx,pingTime:-3,time:126,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:127,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B117~0%5D,as:%5B117~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&br=c
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsGTz,pingTime:-6,time:128,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&tpiLookup=ao:yalla-shoots.tv*%2C569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com*&br=c
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 726C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lhdk2qx9&c=6911857991581&slotId=3455928995790.5&qqid=COHl_-6_4_4CFcjb3godrl0P7w&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c0c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
vast.doubleverify.com/v3/ Frame 726C
17 KB
4 KB
XHR
General
Full URL
https://vast.doubleverify.com/v3/vast?_media=3&ctx=1828362&cmp=189093&sid=18330&plc=6688593&adsrv=29&blk=1&aubndl=&turl=https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/&auxch=1&pltfrm=1&ausite=1720207719321&autt=4&ppid=103&prr=1&auevent=ABAjH0jWmHlZPDDRtc-HZu1nLhd_&c1=3060631&auorder=1008809871&aulitem=18207867554&aucrtv=439881099&aufilter1=3060631&audeal=&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F189093%3B6688593%3B208%3Bxml%3BDV360%3BDV360FY23StockBEHInMarketVideoDEDSKVID1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.68.128.169 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8f0228f3e6dff872207a7425de20b73380f44bd4439d50a465d39fda65c87bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:22 GMT
content-encoding
br
vary
origin, accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
none
timing-allow-origin
https://vpaid.doubleverify.com
link
<https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://servedby.flashtalking.com>; rel=preconnect, <https://d9.flashtalking.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad-events.flashtalking.com>; rel=preconnect, <https://rtb0.doubleverify.com>; rel=preconnect, <https://tps.doubleverify.com>; rel=preconnect
290318566258469857
s0.2mdn.net/simgad/ Frame 39A7
595 KB
595 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/290318566258469857?w=400&h=209
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76f809593cbc51dc07f7a38b10dba20bd0925e4799bc8d2f3ac981863211c240
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 07:36:44 GMT
x-content-type-options
nosniff
age
113922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
609400
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 13:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 07:36:44 GMT
truncated
/ Frame 39A7
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
img
imageproxy.eu.criteo.net/img/ Frame 39A7
25 KB
26 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC25_6627_FA.jpg&ups=1&v=3&w=800&s=7a9Cjxua5ViPhP8Vdk21ko6U
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
84097aa5b9ebc242eab92efdf5f7b4bac2452f720051b812cae7653ebabbf5f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=591986
content-length
26040
expires
Thu, 11 May 2023 07:28:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 39A7
2 KB
2 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=12719&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F12719%2F211116%2Fda5f6407dbd645f89e0377a2184b348e_me_icon_300x300_criteo.jpg&v=3&w=1200&s=ipMWUVRkj5GlzWfrkHK-rOiN
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ad06032486df2e74fa9c4b8b590fe15d36e9c5cff05ba0126f7dafe2a0ebb16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
1826
expires
Fri, 12 Apr 2024 04:34:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 39A7
20 KB
20 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12638&q=80&r=0&u=https%3A%2F%2Fsuperzoom.onlinesuperimage.com%2Ffsicache%2Fserver%3Ftype%3Dimage%26source%3D%2FJanVanderstorm%2FKurzarmhemdBODVAR_hellbraun_284842401.png%26width%3D600%26height%3D600%26effects%3DPad%28CC%252CF1F1F1%29%252CMatte%28FFFFFF%29%26format%3Djpeg%26padding%3D3%252C3%252C3%252C3%26effects%3DMatte%28F1F1F1%29%26width%3D816&ups=1&v=3&w=800&s=1PymptlRKcMf1US0VMlGExY_
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8e37dae72e91a27f7866e06f4d879543f0691f90d06975c7736e84c15af10eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
20712
expires
Mon, 15 May 2023 09:12:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame 39A7
22 KB
22 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=12638&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F12638%2F200722%2F2d3c404082f142d9a14b6b544d5dbd05_jv_logo_ohne_claim_pos_hoch_sq.png&v=3&w=1200&s=48VvaFovrlWLrrBmAUaxCT4U
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1e011a35ed2c4a688b3a6a0f8ca8800d090dd0a74264bb86c9d75f71a3b9d9f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
22797
expires
Sun, 21 Apr 2024 10:09:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame 39A7
233 KB
233 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1458830114_Dumbo_neu&ups=1&v=3&w=800&s=jcnHNyBPdLpoCy5gLFNtlrAG
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e2e9a3863164fca5218ad723c8f4db3243018404a12ccbb935a5e872d582b505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=1800
content-length
238361
expires
Sun, 07 May 2023 15:45:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame 39A7
814 B
1005 B
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=18240&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F18240%2F150217%2F837651.jpg&v=3&w=1200&s=j76cWsIP3uC1607_iSQbgcAN
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
814
expires
Sun, 21 Apr 2024 01:19:54 GMT
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsGUw,pingTime:-2,time:187,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:499,beZ:501,mfA:504,cmA:506,inA:506,inZ:513,prA:513,prZ:520,si:527,poA:530,poZ:559,cmZ:559,mfZ:559,loA:626,loZ:629,ltA:686,ltZ:686%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B177~0%5D,as:%5B177~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:29,sinceFw:155,readyFired:false%7D&br=c
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 69CC
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
index.html
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
87 KB
23 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5f63742374c8c9949381a1ad1152a27853dcff513297e9c8e518f40ad6a644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
172570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23845
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 15:19:16 GMT
expires
Sat, 04 May 2024 15:19:16 GMT
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2D54
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOFd32K68NQgI9wmUSjZOfktWuD-5A01jj30ODZYHbEdGjW49QrrYycSBB8hRvmkoa0CylUIqaoRiZGWG2s1GhpSDX7_qmzs5y601mZPn2GNa01eyhPFJkGl47bJHa4QyGh-3SvU5FfFCMP5e8WlJzAMTs_RbxiUNbfz29SNoDst08zcPE-EzNJLBM8noz4tV4C5lAtd3WDhYMooeNNeRORQIekykitd_oEv8r-sUCT6zR_ZjVmZae-RiKTHaL_zp4yUkwNCmy0HDvR9smQj8a_2zuplQ2BQtOdyiIaikXymx7MW-VAXb8f02P_n7ONi9HMtASYq3AEUHE6rcLr10qigk2OodgzAJWUuQv2TUG5OYvO-TghOHy8pus5KWBy730bQBUP0Wfw2-74x_LIhyYU9BC9t4IzCkxcnxd5gBI9KIlwS8tiaPzxm-sU09Ra-K2rhzrTEes9tLdkP59YGi_w_nOo-ZC59OHsn7WF_VN67wJOcW6GQRSIY_zI5CLQQ6BCd09Uuj0blnwIsf2fv_M1mr4UhxILlTLYVkvRpUtAMofHDD-RTlKXJ-HKT4smw3QCp1pRwtdXZPiMuftOjT55ySbYNN5u5wroqEbzzRTs3Fy-J5iM5Fh08BIdUAqjOrxonrLFemakUThZmjnZgKyOoCDJG1GsgldGFYjqq46vYyTnjbs56GZ4NU-CBzjUVZ8qmtcz3zXwpLK5-djX06pX5bZrdtV47WmT2Betj4ojSptWcqfNGclCtxtrPmFYpww-mLfDPVMhqYiVur_SJztEn0sf9AX_sgYs6CrU_mTRjgmFe-5JdYvgUpS7DfVP3hc3jLkqEF6lm60HHSLsX6flYpHNI75J7d2V02mNvuH4moVBbST6AuMLOehAu6Ecsh8W5hOBC8UOHRpXrX3knoy6wateXRO5eGY4aaTK_s7ptvpTqXTPcnzQ_VwSsOA3v6ddD-LM_s06NRfzlGFIYqfE5i7pAmpsI8rjkqIu8DgMe55l9fz_knbQJog-GUlcJuu_Cd5HQjBZOLJvFwDem0txrxRPEfb3ul9Ymx2qDJRraTqmMs6et-d6UPCaZptBQHRNuUhqcanUNMrQMB3uLdNkX8mBIsGhX_5ilixo6Kx3UGtKaWRFSACQX3wAkOeWS41qn95_00QK6xzI8vbdV9R2QEcKZ0W5EyPvFVNkhG-9OsRdhnA07yc1UTepl6SFE159C-W6lJMtgBgv7WJb57ILp-6lt5CJRsCT38zdikBm3JjDhD5dmM&sai=AMfl-YTNU4kj6_MFRrPnY2Jx-hdUDpnIjZ0WiadntXIDqCyQ4f0CONhrZV_-R5QOqfiYZOBHw6peO_I-rkoqx7ftLkO8pGMqkCqAjDVYZUYGtllwgUzQOdP2BktwODEhz8_4h2bU6vUYkecHmH-SxsBrm16X2Ze-m6e2WT1Am-DwmxggBi1tfj_CpZPaqRUFsL9tM_OSUiXyPPqVi07vOblxE5e0bU79l7hFHEhFLXcNAzlugXUO6C2weK-bZOGslUUbP7AEcdvZf7QIZ79IDlb02hti5xoRYxIxNakU&sig=Cg0ArKJSzJ9_6Y6rqkyCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&cbvp=1&cstd=403&cisv=r20230502.34375&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:26 GMT
/
track.adform.net/adfserve/ Frame 2D54
Redirect Chain
  • https://track.adform.net/adfserve/?bn=64078053;1x1inv=1;srctype=3;ord=613056621
  • https://track.adform.net/adfserve/?CC=1&bn=64078053;1x1inv=1;srctype=3;ord=613056621
35 B
519 B
Image
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=64078053;1x1inv=1;srctype=3;ord=613056621
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=64078053;1x1inv=1;srctype=3;ord=613056621
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2D54
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
truncated
/ Frame 2D54
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
691886d3b7211700e0c02a155ee7a341a722309921e463a7f25c9fcbb13c5195

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUvbIjcBXZJPLI8bRzQbqw4qgAcqvn4xv3PXkqN8Q6PKckMw4EAEglZvKIWCV4pCCoAegAYaH6JcpyAEGqQK4Sb-1M2eyPqgDAaoEgQJP0NeYRK_Q8TY9YgyUl1tvE6cz1A7LsTdz8jUls5fRgEhJsiLBdaf2WvRtc8hZMj-xV5YZqO5QHjFIAgNYLScZBA9yk7l3Bd6enqpnnl33qsrB9fVdaBv6vPMTTdnaxVI3YOyUGNtAe-HE2ux27l7rPdNpqVs4tDQqJoJ788CGr3ICKsEdvGRyMDaRrJ5BezSILSexzFYp-OCo8MvJtlZsXKsWeevP-3xYRu6LFwie9bAhU-GGiogm8NjE1W4cupVPr4DxlUH8-fDuPBE_c2VdIBjfSeSnHjt9sPi3qoHXfs8unBWxwUcxgdI5LtuAJqk_IuRjjRAOeo8mE_8ONdT_z8AEgYbPia4E4AQDiAWz95m3SZIFBggDEAUYAZIFBAgbGAGSBQsIIhABGAFI79nhAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHhr-49wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDCtwQYhPDh4QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBsBOnxYoTyBOVkPPhA9ATANgTCogUAtgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35E-gXBA&sigh=k4H8EVmZmpE&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&template_id=509&vt=10
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

lgn.php
cat.nl3.eu.criteo.com/delivery/ Frame 39A7
43 B
348 B
Fetch
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=t60KbijDD0RWdXCNPAUeJChvzjieHxM0CUEwOsvLS-EzNSwsZcErw-ohz-jNw5ZC0SP9bltRCq-6JOvhm2WfzdQujEcZS9A-soIMhIFoM8FP3EnQcvgB79T2uoAW3D32NiTzfEx9AM0mrQ2uQYCXA-dr4STAr8Md12Qmch4PGwowfRDoyutOxlLIwD_N2PlLhXrNKm-HHBPUZbo1p01f0yzZ69m-uWgSlscMOm0f_fp9mLaFtVme--vcxMyTGA_kH0GiSMMRPsYv4E16XYkUkUf2DYVGo6eCrvvQhkGLVg7c0L85h3LIR6m7YDCiBmtqLDP9SehlCuaf9TyaKrnAYhw26XISM1bGkIr-N9Vskabc75qvE9mvmeJDSwkfWaM_0MBv8OQ1XgxSE9SG68qRktqxCLj10a7_4WxGNAPEpNOmjfYTU7XoIOslUjK522ihCYxVbsMfbNWmdJ8UaSuBiGDoxI0PH8A9uus1KrPPt8jvkQMS&z=ZFfAjQAI5ZUK02jGAAKh6qae7OYtJ9UpodsqrQ
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2629274
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 39A7
0
0
Fetch
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kpClCfHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQjcBXZJR8g_Fq5hWP5RIAABIDAQoKQVFVQkFRRVBBUQ&wp=ZFfAjQAI5ZUK02jGAAKh6qae7OYtJ9UpodsqrQ
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
147717
server
Kestrel
content-length
0
ai.aspx
m.exactag.com/ Frame 39A7
43 B
1 KB
Fetch
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=72360-criteo&extLi=152208&rnd=6457c08d7c94f1836ae6158fe5120000&consent_string=&iab=1&url=
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sun, 07 May 2023 15:15:26 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
So, 07 Mai 2023 03:15:26 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1696
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFVwBjcBXZJXLI8bRzQbqw4qgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCuEm_tTNnsj7gAgCoAwGqBL0CT9AoxCB5Av7NTaGc03ajzGRAF2zZx3a3qV3AiXWwGv0WOqzolZNKiDuVAwvaLgcFR1SMlYbR2DvpRg5pRPY9JTgRGjTrs6PsnQdGcyNE9PHg2TiUnORjueedBU-M-X17Fn4ZJgppDPIg4HeanPzEz48j6fQ3auGnalrTnm_JF-9RZLHiuNfN-0RfRLTMZ6aFSp_MjMGrc490xJFfxVT6DEEeMpST5E6pzXYc_u6Nm3QkPAn-XmfWfFg2B5iF-E1jDFww-Wz77Al8gpz-s39PKFBfEqtjLOd2m1yeygmoBo4cl0ISXa2PxjIPo1cObN5dOiGsne5xG6YaSARLjPMBdRa6fTZ2VcCX-NPdU8INzpgTVErq0heLOrRc3lnaUVDQS7OVgLKcKKbk3LHe_GuIhLgOncOZax2wF69CWpTgBAGABt-38M_gx9uXWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=SNozV-gMDt0&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&vt=10
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

lgn.php
cat.fr3.eu.criteo.com/delivery/ Frame 39A7
43 B
347 B
Fetch
General
Full URL
https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=Xi5M_KNSpYNT0i2kX8xS9ncZM3ytO_7LZ2q6lBBopT8vtb9I8ORxnxQq-DzzEUvriHPSTu0hwFMGNMFaU0nTcWCN_yrGZf4QhQ4XQOtoHmKceq0uQSLinEXnetCwhdswliEbiOOT6eY_auIz7O83ijvXVorg-CAfwYpaJg2xr4w_Jt2J0wBZRRSM6HD2F1Eif4yOsEczH6BwtHlUAl4CamEZiRYmcLXIr9DWloXbM1H59ENgtZqVPRonuNkcjQcm_YWX0gaAp1M9MqCTaVgBVREf1D8tD9bCLavaZketwRUQL74GGitn6v3qB6E0s-L49-Xw1NvP2LEEeoZgvxNH8nWvXaNHrc1oBqI4IzOJmeV2uICpmYBaRleXKICTLm0rDAAyRkOoKz0B-6IEinIqaR-McldkRIq9_FchCl4KNhtpN-cnw8iWuI-9PL8xOcaH3j9gEr9MzceGmKVK8CFZPWfnHAPRC0oKCwJRWZQMFE0Rur5h&z=ZFfAjQAI5ZgK02jGAAKh6iw1g53OcEEtANy5yA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2841295
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 39A7
0
0
Fetch
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=koDRFfHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQjcBXZIAVM3dUw4qeZFYAABIDAQoKQVFVQkR3RUJEdw&wp=ZFfAjQAI5ZgK02jGAAKh6iw1g53OcEEtANy5yA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
146183
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj6sSjcBXZJjLI8bRzQbqw4qgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCuEm_tTNnsj7gAgCoAwGqBL0CT9AZlxIuiF9cOxPELg8WWH-OPPv6HWDQJZmITgRiHtH3VuRmABnvens_v3vPaGLx0wOpfJITBXpfrHvvsmimZ9J3dj9Mpkt-f9KPul6sQagrZhrv_yGPPe0FzQyfa3hBUWkcNKQySlewDM9Eodq7BZ2vVLj6Sjl5R2JXleC-CxaQmJtgRDWEXm4XoloqQuUr9j3hZQhWDvxJ64kfQsFjLx7CJG5L55o07xleko6mE5bHjj6XEjuEh8p0YwvSpptgKWyWra0tol1eHWZQWq3QhB_AhbidDdvIm-1rM07JpnXiUHBnh6nAqKTGO6cmNCrkTBQyJAuCS7VFu2PCQIgLAnM0N0n78vOyvWydfjIAcSpDxSwBA9BeKXsR8ao1vlGSxrlKOuqJJG-o39wGNvJZqgsDnHT36KfMAWUX-H_gBAGABrbAoqfxuOvX-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=C4QWUERXoes&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&vt=10
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

lgn.php
cat.fr3.eu.criteo.com/delivery/ Frame 39A7
43 B
348 B
Fetch
General
Full URL
https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=ILpKqGBi4TlTh7aQFfUfuDkJ1Cy-cx851a0FoYnW0C6I45nWo_abU5xyEzz5twa0Kx2mW2NDjRfK8fs82v1p9lPt95_dOlgSkxDg3hc6K16zLWi7fH1CpyMSzgq03MNvvMPhHN4qVMAfw5vDgUos8Xr-jW9JieX_tndrwP5pDA30xo0NxDrAzUWyySdgTkI-5hz7Jt9JFas776aHBNiXbuGIAWPWdP_712EqYxxGLNLWWwaJiGKSFZ18EpAXQ8ZO054Cp6NzN8mZYOj4g8wuXNQA7BwgDhXf5h1ddnPYquBFgppxJjWN1QHTAruY9HFuXr5xqx2qIqBw0UKpZs_v9BdxB-EzVHIsAJ-KSaHAP83CczDHGzdOl8l5wr9t3XEyynQi0tYTui-CZZW7hwdHD-01VbqM7RYcHR1TaT94GIwPpIjPDxkv5j0c5-uIaIF8nai-n4nmaRcBCWDDVEDegyUVM2xVSJit6xyLLqErLgekwJ3l&z=ZFfAjQAI5ZkK02jGAAKh6lHutFVqvKSMmnYIXA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2508441
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 39A7
0
0
Fetch
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ktnGEvHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQjMBXZDD1ov_MvibMvh4AABIDAQoKQVFVRER3RUJEdw&wp=ZFfAjQAI5ZkK02jGAAKh6lHutFVqvKSMmnYIXA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:25 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
407842
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZxr0jcBXZJnLI8bRzQbqw4qgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCuEm_tTNnsj7gAgCoAwGqBL0CT9DrWgfs83-ShJIXXyWM8VlhRxCOYWBtzvU1kiq5EeKPWS2JNNC8Z0gWrqwWTrky8Axntlo4JsSBbCqXVbes5mk5fwP_2YRPGkuY92FNNqHUY5hsaDbGMoTH-3FiE9ppQtwdqMFsh1zvtnRhbI6mI9832Nfwmbtm-rOYireKDP5WyWG7YMOiuAH0KxM_c2l5bwbVeRmnGu_rB6v6ST-zal2LoHoXW4H6f0O8xP29HxQhLQDtZg6nQnN4bnvxdASyoDmJLDRqV78A0TvyCQuQz6CTiIhjy52aPrrQcW19JMxdU-f3xP2nt-A-ckHZ-72KlSTcu0qHA63pw7m9lUnM5d-X75WRmBhKR92KC_GdbWKr5YiXuzXl4XCAWjhrf8kyeZh5gR48F8zIDp_rOxgXKar0nNi7HhmO8fI11-vgBAGABoLm-cjnpNXUNKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=1HC8_bBXUo8&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&vt=10
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

ad
googleads.g.doubleclick.net/dbm/ Frame 39A7
42 B
63 B
Fetch
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfZgqM2m150NHp7sSBe2aLPhZEi20p_TGnVRpsuvxWEyWXuz0_2THwLW-xe2_XpV6LQo3hdfufbHgWOprZvIqpOi4FOYyojlm2bJh8OwmXuCTRlPgpjvAoNVEe9uOroxt_gKSibohDxfZZNSJ2Ocw2F_vfgQ&dbm_d=AKAmf-Bj4KLQwp4TKcbOYsyn7hfZWdlmHvedtuOBKsdrXRfA-eNFsL4Xx4A-KY4ry4rlwu10ZdwXZi05NTkR9MK6nvqx6kXXq-m1WrJ36QCV39fyd65e3i4rkflRTW_VP1ruubfAYyaIACOwlXkbNsFdvjRFZYPlkO1GLyprgOBjJeR2OdSz1FL8jm5mqlIgUrMFDsPLZNri29hkpam8Jc8C2byhHE2etLsGtzbt6ZQ83FCKtNLHNoqANwwC5RnRJq2VJoytxXyzOQAtN7kWmQkVXpurllSq27y8I4Ikk9dz86NU4kzocpKyiQEke4Ti86rYq5Qid6vZTLPPajSndSy0MEJiM9DhxgdTALh0SXyi6KRsLRwUNH5ewbrWlqQPGY9lfz8slQcrNuilsIcm12cBSltdtM3zW6mBiqUdYDFMd9X6QJQ-xfHIbDWJF_NBwOgGYuXkCAOXZyXBeD8BahawdW3WYjqkxXURQi0D8NfVskYLkt3yu1nKeGAjVDe4vycm6gDRTCXzRleQiCA7YUKI6fxsvloSaFas72uZCnYZXRcwd1C8K8N7JhvgyaXp1PemGAC1j3qH3s9n2sUp5meSBwpIIlAfXOa1U1nT_OwEsy501cqmvrUQugxeoqMPMwwCuGDMWvo1Ep9cAR9woCeMHFIUHnk5MYu1YYpMOzSy9yYPRMHSjHnmdDEYkxAO6hB8Eyhk8KlLuoSkzSNQXT6Ln1gi4ijOkajwiEwiXwv-39cZPh2KzLFvKuC-4luMZTtHjO_du5qPaRhZECcu9QyyZZDJzCGbhrZ70v5dOHWIgZYZRJgnfMrHS_rR61LlN5oJtd1qXqt8OwjyKo6l3odBYHNWM8yFLOezjmFIQyGrUDqYmAf62ym3-xsz6aSHZDtR7_GQfbLX0zU9DMCcI8GAPZh0XGAnBunjUWxTKcxgKLFD6hWPmBct3rCe1jDdZCjJVwt4K2RWyBj7NNGu22kQjOt4upAY1NDe-C8LkkEk8T5vJ7HNByQ_kut9PI-9Ws0JaFnXrbO5U_ruKFZN3-yOTAT_6hLIH6LNXJwpnVFpKt6lKGHORxi23EFPWKJc9KncZ9hrpvm1ajZKlWj0K3wovdQJoWmHu33MZFyXLD5q9nVBvjnYR7VixjloJYxhc57JCaW62CGKTIkC-D2wj6MhU_fn3xutyvfrCtBILi6jddBCqfoEU9NkWeCjIa0zZWnBhVjRuu6sPAAimoCDaXVCXGChVHOrGEf_f1DyTsAbs7BqRIKY6Gu2dP4-xSHuXU3da4ZZsjoxs9HQ4BZ04J7makkotFAB4EPMTPvgL1ZqmZdcaQD_v93_YTXRI5U-EmRxETqB3CQv6inzdCUL8MW8TDlKohy4hPppuGjI0PUcko6-e3F-aJqkC-QRaUinV7LB-jevybm0aSyb4z-wjUDuXpxVug7XpcvGwBygwsdcMuJAMCfD1izZUlp843OLWU4GrdiF6dEEd_Hd6sKPa0DU6DEJhIbsKB_ijN9noZ3bSVLn271tFb3xiJGMiYUO35Azn8GRpQt4ixZ14Trin3RQO35KLibGSRboBk44fLRm8ulA3AEdtCJexP8bWPlRneES-xwn5ETwI7LD_zTIH7cTcFnw6F0MHg9vhx4m6trk_v0u6jpH7Ec7wi7Ers9ZLQzwVKFeHLmAfl7OFHKDlsdEmTyQe0RbSuYHQ3MU5YtikLzFmrADglXORbc7l2aWi6GAwQJ_hiLdt0DsiaT0NcrniE0HqQG7PE8pYU0hmZAHAmE7JqD8pQmoLIy4UYwEfz43kx8rEkY-10_ehXNxJokWP1jzdYZoEbIOZX4r9IRNvDLic24-I47Wli0J5BwzRgS0Dvkv6EdgLUPG1pNi2Nq3__ApYUkqjjZ3uqXFtmnJjS95YJol387aJbbWUYz_VcISQITzBFeJcWIv0pIlUWsGtylECjeIlMBIbZxPnLppCS6W759fLx9Irxlno0jDmwhyMldtSAINQeoLMjtEV9ibCtfDoORkVfEEtH_Cr1KmkwKm83fJLOyWkR1lCHjzN2fRiOvbilPJLSTIVHCuOpvX4-N8vLi4Ea4Q8EJelKf6Rb0FYoDBrEqgFOmLmAEqwd0tYD2ZrQq5Et3OfXI4_Fbi053ZkBapsqX2dJiVcHSoUhZ8708uXAmtCRBIshASG9QbMK_VlnL1voQ8VC33nQzrRa9X3SuY6ovL_qCWcxCI4nxYGZN1YVimTtFti9Btx25QkZAU1mopHr-u2eAHIfAbxPFdycuF1HYPIpri3mXEO1NeHVrcZw_XK2qxL02hV-LoFdXGb4Ici7tsc5wQDJc15elQnNWlDvwcyt0_jAl4qmENbhCcoUPc2KrB-anM-O8JEPs9gfJf2B5avn1Y1vcuJgK_xVxMWZj8PWT28PWbf7PD8W8IwRc0oZbgnxPG4Wy9pqGYsVrbpi50LjnmOPUqqSvGZOokMkJc0eCVmgoD4AIwK0QXonIGmDHq-0U2YT_D5zT-EFf1_96oeLD8lpRWMhIyG-kHCzbesBnBUFIsfzje6EwzgyqyGakaljzu05hq9f4yJAEqXTFE1D0-Zo3xDVGERC77O9rmyhUgNJDhJPtAvh_6Bh7TtwRXkL3EJKQXhE0wjGHrMoocY-L11pXlcf0sSIva2Ah2YHYjFI7fm6PRiRxnyMXyvel_XjZvbJftlvMvu6FMXLcrbtkefvgq8SgWM9l7orjAH3dTtYS9EyhlP1lWgSQkTQJaVDTba3r01tLexcTAmt3iraH1qi9QC7aOwF8RhEimethJrw_lYhAN6FY2mwWHtc0X391BaxHnh50W175N0XOiEES6PvwUAJ9lQSFpM1zKTe9WcDE4Li40OI89WeekTw_40YG59DWlSnWZmAfjK8LcQpQ9iBPSYNqoDUNjUOFQ1m0MzS3NfswCSHvQc8NSCS0Iapb6yYOTWuTdnRTAHnnxBWncMsL-GUwYeK3Hh5gh5vtHja2NiPwr18Ar-fDOH_xgMMffjTKBr4-xkEObGgNsbLmUDe0QJZRVvrFrhpBo1HAIAkRl6gZ0PSkpvWE0PHMPlsEMNZ-UYmxNE0oKZATn9ReH287uqq3y0labNVSTjF00ayIZSNtGY0F-WYeVwDsIzLLf8kITGIhEsefKYoRkjZObfOwO9jxYGGbzrnOZszzIZ5pdbNv7yw0bBeyx6hLOmsw4Sz35r2qcy7-2KJzeO1QsXU8fNDUbEsLE1Eoa6hDlV8qz9NLqUzQZtEcefQ2CuPqMV9ljxL7Zz5fztXxsrIjXBA6ELKG8t7vyc5WncaUxXgPtyyI_7M6Rfk_2KtyRz-x5m3IV2AykCHFPG42YCnLD0kKn8kCsLWZvkCQ_NpynQdvShn6AcJ2H2zw26H2X4g9LqsJxxCksXVf3r1W68cbD75rIDOXsTyGumN66oIJ5g79vXYo5vyf4Zr_RS228iRzMqAgz80eEcVPOkrB_-K2PfEMu40J9weP20maG-zGMhwZBDyGuE5lqd3wN4rME5zuS_McVlYJm8hRwLx7NrD08tPG4-Guv1sb7v2waezDvG1MJNs3h_XL1ODS8RselzGji3_NIvgZmUE54HMmt8oEwWrMAD6lnEjL6M0aWMuUJykarN55zEf2FGMFuuhw0GBMSz9Z4wW2EwwiEJQv1l9SQQMWwt9ijdUI3eEotuRKuHvy86GtQTS6rVCnmDqpVPO-vdGjT7Qbceam91VTY_TBfnIsMFqhgTkGcY4ZTmdem9cJjy0Y-N8tuEcTHEdJ2x8998bIKcCfcgHZDUAmhvH9f5lsWyI05cClfWjo6NFZd0jZ5l2A37VbYVDbzWf_MDgeSdb3prTAHoPsmRG9bErzUqmArApgZ6SMbTE9DkrBYzp3oO8O8TFyLETqVMEQF4-0HxkZkoOKRZT4XFVTGqv8_hYr7GZTLu61GEgs1b_VHR7vp2ongG3Tw8Rp02fExq1Fk2Uswg9dshrIQxR6-cHlxhbGuYrFelEeTeFLoggYI_VRXFFlW-Axlv0fK6yvxllfOPUDZoJ2e8Ut9dEAculh9eN9Lizop8hs_q_qrI7P2Gklys_kkfCtPDRIv8WgYmx-V6x7AWPciN3wIHjObgrja4lBBphA1E_ou_q1hovHMVdHhvPKR05iWfO1kTbzGa3sCeiVrYEO2JeLxPB7WqkzuEI0xMnPc7LPlVg7fVkn76zy_OXNw1RQhP1P3RZUfTffgXhVFVAdCxWPNO6hCS45-Khvl-5r8eg6fBXTo6xIs8QYnIJlbQyRq_fYzExqgR0syifmSGqOC8xESmvhDYwO1BCSrT7kerr7L8l4fouKhHyJ8vjEGF46jsvTmWgxPAJU6pkm0l6qc3pHEhbYV9dtbstItcxxKNOBprV-WFxvmKQCv6C13gqPx_2aIiIvHMEydJlLgaMDOhAFDq1ACDfVwkVbBDuU6aUMHyUyZcvHKzidfKVLdtAJAe3Z2eRZpBqjkXdqnrkpM9USyof9SgbXNwqyz7N-CT_KJrtjrP-BQAb9aSVR1y7JMtdd0pLH7u2fLC81FGXxYCHR4dym5cugpH8S0RM4AvPKK7HsImhyn924TQc_oZrgSeyx5imqhXZ-ohPeKL-ltNe-dLwyOrUG_fvjFKKcsrYxjToHLAMYsdwTLB9XVGf1B3Bh6PbCGDGpBc3mDz4krk4ytQAu5VZt3QLI2dkxYPa4LuFROaEv5AKfCg_wciMn9q5Me6Z8imcLl-r1jeRNbV_3_HoiMHJoYne0V2bdo2Hnvt24Q7trdz3nM5yPSpMSpmeTaNAyLGtP7YJRxcav6997UQjGXsQHJZkZoeWREDFe1hq2Q7d9mRzDLq91onxn3YO3yzs9PElaXIrwE4DgER2dCwpvhln6RdCJIU9cH_w-M6XKqky3aDQ1yt11b4-n-0X3r0PmxrjQCTbZTMOnXZveQ0rpqzrmzeucQ61AX-PhNVpB_0iZ00NdEa1uyIOWd5AO7A46YSOWGViQ4vxTWN-MJ&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&dc_exteid=31054586840535734596190236915901138&dc_pubid=4
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0G1ZjcBXZJXLI8bRzQbqw4qgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCuEm_tTNnsj7gAgCoAwHIAwKqBL0CT9AoxCB5Av7NTaGc03ajzGRAF2zZx3a3qV3AiXWwGv0WOqzolZNKiDuVAwvaLgcFR1SMlYbR2DvpRg5pRPY9JTgRGjTrs6PsnQdGcyNE9PHg2TiUnORjueedBU-M-X17Fn4ZJgppDPIg4HeanPzEz48j6fQ3auGnalrTnm_JF-9RZLHiuNfN-0RfRLTMZ6aFSp_MjMGrc490xJFfxVT6DEEeMpST5E6pzXYc_u6Nm3QkPAn-XmfWfFg2B5iF-E1jDFww-Wz77Al8gpz-s39PKFBfEqtjLOd2m1yeygmoBo4cl0ISXa2PxjIPo1cObN5dOiGsne5xG6YaSARLjPMBdRa6fTZ2VcCX-NPdU8INzpgTVErq0heLOrRc3lnaUVDQS7OVgLKcKKbk3LHe_GuIhLgOncOZax2wF69CWpTgBAGABt-38M_gx9uXWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=IgFKLMkibUw&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-eEDjcBXZJjLI8bRzQbqw4qgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCuEm_tTNnsj7gAgCoAwHIAwKqBL0CT9AZlxIuiF9cOxPELg8WWH-OPPv6HWDQJZmITgRiHtH3VuRmABnvens_v3vPaGLx0wOpfJITBXpfrHvvsmimZ9J3dj9Mpkt-f9KPul6sQagrZhrv_yGPPe0FzQyfa3hBUWkcNKQySlewDM9Eodq7BZ2vVLj6Sjl5R2JXleC-CxaQmJtgRDWEXm4XoloqQuUr9j3hZQhWDvxJ64kfQsFjLx7CJG5L55o07xleko6mE5bHjj6XEjuEh8p0YwvSpptgKWyWra0tol1eHWZQWq3QhB_AhbidDdvIm-1rM07JpnXiUHBnh6nAqKTGO6cmNCrkTBQyJAuCS7VFu2PCQIgLAnM0N0n78vOyvWydfjIAcSpDxSwBA9BeKXsR8ao1vlGSxrlKOuqJJG-o39wGNvJZqgsDnHT36KfMAWUX-H_gBAGABrbAoqfxuOvX-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=cr6DP9A67O8&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 39A7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvqS_jcBXZJnLI8bRzQbqw4qgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCuEm_tTNnsj7gAgCoAwHIAwKqBL0CT9DrWgfs83-ShJIXXyWM8VlhRxCOYWBtzvU1kiq5EeKPWS2JNNC8Z0gWrqwWTrky8Axntlo4JsSBbCqXVbes5mk5fwP_2YRPGkuY92FNNqHUY5hsaDbGMoTH-3FiE9ppQtwdqMFsh1zvtnRhbI6mI9832Nfwmbtm-rOYireKDP5WyWG7YMOiuAH0KxM_c2l5bwbVeRmnGu_rB6v6ST-zal2LoHoXW4H6f0O8xP29HxQhLQDtZg6nQnN4bnvxdASyoDmJLDRqV78A0TvyCQuQz6CTiIhjy52aPrrQcW19JMxdU-f3xP2nt-A-ckHZ-72KlSTcu0qHA63pw7m9lUnM5d-X75WRmBhKR92KC_GdbWKr5YiXuzXl4XCAWjhrf8kyeZh5gR48F8zIDp_rOxgXKar0nNi7HhmO8fI11-vgBAGABoLm-cjnpNXUNKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=wYWtEAQDljk&uach_m=[UACH]&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5E64
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 754B
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
498 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.1039852648973465&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:27 GMT
cf-cache-status
HIT
age
1534267
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1dba009152-FRA
e.js
live.demand.supply/e/
0
497 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=fd1ba056-ce31-467e-8b2c-3f0f664177aa&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=1cc3cf29-a297-4e03-a814-57797b2c03ce&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:27 GMT
cf-cache-status
HIT
age
1534267
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1dca189152-FRA
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA2C
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
500 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=5.84&b=2&r=yalla-shoots.tv_auto_interstitial_desktop&sy=fd1ba056-ce31-467e-8b2c-3f0f664177aa&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=1cc3cf29-a297-4e03-a814-57797b2c03ce&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:27 GMT
cf-cache-status
HIT
age
1534267
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1e0a4e9152-FRA
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 15D8
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 03:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 03:57:24 GMT
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B621
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 726C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lhdk2r2f&c=6911857991581&slotId=3455928995790.5&qqid=COHl_-6_4_4CFcjb3godrl0P7w&fb=outstream-lima&vmfc=7&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&ccc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c0c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 726C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 15:50:58 GMT
consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 726C
7 KB
7 KB
Image
General
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:27 GMT
Last-Modified
Thu, 06 May 2021 18:54:24 GMT
Server
Flashtalking (AKA)
ETag
W/"ea9218504eec09a337676178d9020356"
Content-Type
image/png
X-Varnish
858655964
Cache-Control
max-age=1045
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7281
Expires
Sun, 07 May 2023 15:32:52 GMT
truncated
/ Frame 39A7
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7173080eb17b17fcd9de048237274e57b0ae3e3747d49754825aaec12c3a579d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
adagio.js
script.4dex.io/
74 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:27 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1210719
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpFBabe0lgw0qxskIzGM7hW27ISEzGke6BXivxBmbolLmIZtfmbzbBEadn%2BSIhhCnfqva5CnSHntlWv5nGFKbSmuFNY9%2F7PqDWr1wULULCx0fadACd97PJ60jyCynGtk0SyZ3bWAxzolTKY6"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c3a6b1f3fdd91ea-FRA
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
381 B
162 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=11&adks=323800357&didk=2675907389&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-1%26hb_r_id%3D89038c1b99eba61%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D205f7cd7373ef91%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527240&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
275ddb25f1464b1828528192fd8a168ff94a7cc3f9fc8f01b1a5fdaacfcc0e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=12&adks=2685385890&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-2%26hb_r_id%3D980b8207cc2678a%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D209deaf17e12b7%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527245&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee6a6bcceedfd982bd4787ff0e02120a59956f71aa92d00bb420da6e14e611cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10194
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374033787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=13&adks=1315967423&didk=2675907387&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-3%26hb_r_id%3D1073bf661650b29d%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D21294fa3eff7b3a6%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527247&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33234b315b571cac1f2e61f586894f6570d877233380a2bcaa8913189d866fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10188
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
380 B
160 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=14&adks=4183778&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-4%26hb_r_id%3D11637e06c8ec7a7e%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D207b4a83a2e1b7db%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527249&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
079eb3088279daf62b3de4920bc38ddaba831b5747671e8af8651f6131857349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
381 B
160 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=15&adks=861436630&didk=2675907385&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-5%26hb_r_id%3D125d728b51804c12%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D2156b90f9b0ead0e%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527250&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f8ec4ca820be971405b7cc7eca1dce7b6954f332cef4a8532d07b9fa45bdb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=16&adks=2501595801&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-6%26hb_r_id%3D134c0cdc1a3ec0c7%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D21052774c2c95f62%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527252&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce203352527c632f8f014cd5f2ccbc766f995a92972e224d358d2d85e6cba9a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10140
x-xss-protection
0
google-lineitem-id
5850403633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374029776
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=17&adks=656180126&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-7%26hb_r_id%3D143527489ce6f684%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D2065468a64436bd2%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527254&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6ac559653359c660f467797ae5765f522df04518e6a62a2028378c3e0c91ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10195
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=18&adks=1041763575&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-8%26hb_r_id%3D1528275879d1b1ad%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D2130446ba53181%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527255&lmt=1683472524&dlt=1683472524875&idt=554&adxs=1018&adys=635&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1076x293&msz=1076x0&fws=4&ohw=1076&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abbf132198a1c210793bae33899bb41f6b212025872d9c4f143a9cbba26e7739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10162
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
387 B
170 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=19&adks=2149091243&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-9%26hb_r_id%3D1617aef3170f182d%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D211b9309a6bd10fb%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527259&lmt=1683472524&dlt=1683472524875&idt=554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27164e1cb46fab90b03221ab21ce5269dd8652547b44a84d6d34b85c8f0cd1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=20&adks=2023909493&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-10%26hb_r_id%3D170e997ed6a8a0b3%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D214b7a3724e3f7d7%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527261&lmt=1683472524&dlt=1683472524875&idt=554&adxs=1018&adys=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1076x2589&msz=1076x0&fws=4&ohw=1100&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc452cefd38b0835dc5682afe0da9a4757b505789380f3a5e33023eb07050764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8681
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
382 B
161 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=4322319019164389&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=21&adks=3539973942&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Dstick%26hb_r_id%3D179613faf4e1e93a%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D2089a9282f4a4dda%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472527264&lmt=1683472524&dlt=1683472524875&idt=554&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
956962ed171558544464dcefc35d45b2c0ee677b4db2fce74962e2c16a141c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
FY22Q4_CC_Stock_Stock_DE_DE_WorldOfStockNature15s_VID_854_480_700_3000.mp4
cdn.flashtalking.com/165457/ Frame 726C
2 MB
2 MB
Media
General
Full URL
https://cdn.flashtalking.com/165457/FY22Q4_CC_Stock_Stock_DE_DE_WorldOfStockNature15s_VID_854_480_700_3000.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
1b9b98146d7d4387b570a7b7044383506ce194da327f0849610dffcf231f823f

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 07 May 2023 15:15:27 GMT
Last-Modified
Tue, 11 Oct 2022 21:17:10 GMT
Server
Flashtalking (AKA)
ETag
"2007c691507796a1e527e9a28c836f4e"
Content-Type
video/mp4
X-Varnish
321698265
Content-Range
bytes 0-1678809/1678810
Cache-Control
max-age=4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1678810
Expires
Sun, 07 May 2023 15:15:31 GMT
IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 4EAB
28 KB
29 KB
Image
General
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date
Tue, 02 May 2023 19:15:10 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
417618
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28949
last-modified
Fri, 18 Feb 2022 23:29:18 GMT
server
AmazonS3
etag
"9d3f43da9d0d0679ec0dfea58b2f1d45"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
7A6rKl_45bVmbrWyRRQUtYtj-n5cm9q5kH8WrTwuHxxwQXJOtCwpNA==
truncated
/ Frame 4EAB
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a657e0fdd7dc2c0c8992269314529a37a889a412893bde88e0df4764ae5ef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 39A7
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:58:23 GMT
x-content-type-options
nosniff
age
73024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 18:58:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AE87
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUFEMwqdfbCugu_nc8subefW3nciIeNbHcTa-W83ZqJFEKa1cm4xHn_sWw5jSJWM31KsfYV3DScfl3lJc0MPMMr6aH1mYzmr_7W6uizfnSwyOWole5C-4rIcVCckuN6XGj6KlCoASsWK0IScQ8bQGwfgBeJc_3YgZJbGbVpoBUBF31byrDZiAvAPBPt8WKtGZDN04n58c3Q-aF41BoqqIk7xA3etA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E248
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame E248
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame E248
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame E248
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5eEavWx0orEnq53p-T5jEDDC3SLwLpij42PEBZqer3EDnNzcQNoozjYyI_v6Chpk1EsDBfCbcoKAMMYyOq37zXsbrQw
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E248
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E248
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlwOZg8O8e2Hj5Hw6Sj25wLp5MMMc3ZmXBoCADARrdg0PutR9SXMsbtDZoP7PzLLxCh3DJYtOPEHV6AnbemCfJSt8MiMp7Td09jaImKDPBHmqEY8A
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E248
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=693522339655846162&x=1&ct=76
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9B99
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
499 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&e=ao&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA4MzYvMTAwNDk5Ny9lcy1zYWhlbC12cy11cy1iZW4tZ3VlcmRhbmUv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Sun, 07 May 2023 15:15:27 GMT
cf-cache-status
HIT
age
1534267
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c3a6b1ffc679152-FRA
css2
fonts.googleapis.com/ Frame CA2C
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 14:36:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 15:15:27 GMT
css
fonts.googleapis.com/ Frame 37EF
9 KB
932 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 14:50:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 15:15:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 37EF
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 37EF
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
76769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 37EF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 37EF
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame 37EF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTmWeO3ChMWkHsp2Rfd_rZnlivA8wqp-D8U2J5MXbTd4swmcQtuRTNvKdQWkyDNN3ORC0dzBktwuQ8UoSNMwRWQkVm8Q
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37EF
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:27 GMT
edd8a89eee97155325ac5eb40edd3aca.js
www.gstatic.com/mysidia/ Frame 37EF
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13633
x-xss-protection
0
last-modified
Thu, 04 May 2023 21:06:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 04 Aug 2023 02:12:05 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame CA2C
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
75931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8031
x-xss-protection
0
server
cafe
etag
4566461469134147509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:09:56 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA2C
205 B
518 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:08:08 GMT
x-content-type-options
nosniff
age
439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 May 2024 15:08:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA2C
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:08:18 GMT
x-content-type-options
nosniff
age
7629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 May 2024 13:08:18 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
4044e738ceea463cc0cad194bdc727ca986197dccdd34fb1b131d3d8af871c26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:27 GMT
Last-Modified
Sun, 07 May 2023 15:15:24 GMT
Server
amazon
ETag
"6457c08c-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:26 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F74C
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNUaT1laOPTw_A-VuKF3SKlQY9hjjEG4jSRuAVv4tn5ymI_XrKCdNn8I0Pb9ixr_E3btIrLb_cA-eDwVr86foeK7YrA7HxSwdLm0h8do35Qjf14We74Gyp9NNCkL6WhTHetvLd8ZG8SDZ8krS226J5T2VzkWv67ygoX1Bb2Pwu74fYo12H0
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B621
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B621
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AuVtTQd7-P_YoZ8-3aVUTviL6o2d7njoJI2Qqhrc2r1K9ALEURjkT9iBX3qvDfG2Pn_vLCMQL4tgsJb0rOeLwb8A9YdEZdDta1cKV8NNpV2DEvDCM
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B621
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14567810932415973583&x=1&ct=76
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B621
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B621
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame B621
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNAzUgI_spHhdV9D__Lvr4cWlqtzBA-vXzS_xFuyThQ8Y_TmBWHkR6nu5Mq30M03_UyX59LYJjAkeLQO3LECBzno3XnA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B621
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:27 GMT
rum
dsum-sec.casalemedia.com/ Frame AE87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUFEMwqdfbCugu_nc8subefW3nciIeNbHcTa-W83ZqJFEKa1cm4xHn_sWw5jSJWM31KsfYV3DScfl3lJc0MPMMr6aH1mYzmr_7W6uizfnSwyOWole5C-4rIcVCckuN6XGj6KlCoASsWK0IScQ8bQGwfgBeJc_3YgZJbGbVpoBUBF31byrDZiAvAPBPt8WKtGZDN04n58c3Q-aF41BoqqIk7xA3etA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AE87
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFfAjoiH5EY1-Mh6.yYiOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUFEMwqdfbCugu_nc8subefW3nciIeNbHcTa-W83ZqJFEKa1cm4xHn_sWw5jSJWM31KsfYV3DScfl3lJc0MPMMr6aH1mYzmr_7W6uizfnSwyOWole5C-4rIcVCckuN6XGj6KlCoASsWK0IScQ8bQGwfgBeJc_3YgZJbGbVpoBUBF31byrDZiAvAPBPt8WKtGZDN04n58c3Q-aF41BoqqIk7xA3etA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMw-UYoMzbmwvXfObOJqoOM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AE87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUFEMwqdfbCugu_nc8subefW3nciIeNbHcTa-W83ZqJFEKa1cm4xHn_sWw5jSJWM31KsfYV3DScfl3lJc0MPMMr6aH1mYzmr_7W6uizfnSwyOWole5C-4rIcVCckuN6XGj6KlCoASsWK0IScQ8bQGwfgBeJc_3YgZJbGbVpoBUBF31byrDZiAvAPBPt8WKtGZDN04n58c3Q-aF41BoqqIk7xA3etA
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:27 GMT
AN-X-Request-Uuid
fc709966-8136-4e1c-bf9c-10e2f954ba0e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.143; 185.213.155.143; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI2j23iBehraBCNDdMcisrY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AE87
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUFEMwqdfbCugu_nc8subefW3nciIeNbHcTa-W83ZqJFEKa1cm4xHn_sWw5jSJWM31KsfYV3DScfl3lJc0MPMMr6aH1mYzmr_7W6uizfnSwyOWole5C-4rIcVCckuN6XGj6KlCoASsWK0IScQ8bQGwfgBeJc_3YgZJbGbVpoBUBF31byrDZiAvAPBPt8WKtGZDN04n58c3Q-aF41BoqqIk7xA3etA
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 15:15:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.143; 185.213.155.143; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
30827fd8-f99d-42f3-9ea4-511f09812292
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3OTU0NTg2MzMzMjcyNDU1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 5E64
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame C6D1
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
146244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 22:38:03 GMT
expires
Sat, 04 May 2024 22:38:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNUaT1laOPTw_A-VuKF3SKlQY9hjjEG4jSRuAVv4tn5ymI_XrKCdNn8I0Pb9ixr_E3btIrLb_cA-eDwVr86foeK7YrA7HxSwdLm0h8do35Qjf14We74Gyp9NNCkL6WhTHetvLd8ZG8SDZ8krS226J5T2VzkWv67ygoX1Bb2Pwu74fYo12H0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F74C
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNUaT1laOPTw_A-VuKF3SKlQY9hjjEG4jSRuAVv4tn5ymI_XrKCdNn8I0Pb9ixr_E3btIrLb_cA-eDwVr86foeK7YrA7HxSwdLm0h8do35Qjf14We74Gyp9NNCkL6WhTHetvLd8ZG8SDZ8krS226J5T2VzkWv67ygoX1Bb2Pwu74fYo12H0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F74C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNUaT1laOPTw_A-VuKF3SKlQY9hjjEG4jSRuAVv4tn5ymI_XrKCdNn8I0Pb9ixr_E3btIrLb_cA-eDwVr86foeK7YrA7HxSwdLm0h8do35Qjf14We74Gyp9NNCkL6WhTHetvLd8ZG8SDZ8krS226J5T2VzkWv67ygoX1Bb2Pwu74fYo12H0
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Sun, 07 May 2023 15:15:27 GMT
pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F74C
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNUaT1laOPTw_A-VuKF3SKlQY9hjjEG4jSRuAVv4tn5ymI_XrKCdNn8I0Pb9ixr_E3btIrLb_cA-eDwVr86foeK7YrA7HxSwdLm0h8do35Qjf14We74Gyp9NNCkL6WhTHetvLd8ZG8SDZ8krS226J5T2VzkWv67ygoX1Bb2Pwu74fYo12H0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Sun, 07 May 2023 15:15:27 GMT
pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 2D54
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOFd32K68NQgI9wmUSjZOfktWuD-5A01jj30ODZYHbEdGjW49QrrYycSBB8hRvmkoa0CylUIqaoRiZGWG2s1GhpSDX7_qmzs5y601mZPn2GNa01eyhPFJkGl47bJHa4QyGh-3SvU5FfFCMP5e8WlJzAMTs_RbxiUNbfz29SNoDst08zcPE-EzNJLBM8noz4tV4C5lAtd3WDhYMooeNNeRORQIekykitd_oEv8r-sUCT6zR_ZjVmZae-RiKTHaL_zp4yUkwNCmy0HDvR9smQj8a_2zuplQ2BQtOdyiIaikXymx7MW-VAXb8f02P_n7ONi9HMtASYq3AEUHE6rcLr10qigk2OodgzAJWUuQv2TUG5OYvO-TghOHy8pus5KWBy730bQBUP0Wfw2-74x_LIhyYU9BC9t4IzCkxcnxd5gBI9KIlwS8tiaPzxm-sU09Ra-K2rhzrTEes9tLdkP59YGi_w_nOo-ZC59OHsn7WF_VN67wJOcW6GQRSIY_zI5CLQQ6BCd09Uuj0blnwIsf2fv_M1mr4UhxILlTLYVkvRpUtAMofHDD-RTlKXJ-HKT4smw3QCp1pRwtdXZPiMuftOjT55ySbYNN5u5wroqEbzzRTs3Fy-J5iM5Fh08BIdUAqjOrxonrLFemakUThZmjnZgKyOoCDJG1GsgldGFYjqq46vYyTnjbs56GZ4NU-CBzjUVZ8qmtcz3zXwpLK5-djX06pX5bZrdtV47WmT2Betj4ojSptWcqfNGclCtxtrPmFYpww-mLfDPVMhqYiVur_SJztEn0sf9AX_sgYs6CrU_mTRjgmFe-5JdYvgUpS7DfVP3hc3jLkqEF6lm60HHSLsX6flYpHNI75J7d2V02mNvuH4moVBbST6AuMLOehAu6Ecsh8W5hOBC8UOHRpXrX3knoy6wateXRO5eGY4aaTK_s7ptvpTqXTPcnzQ_VwSsOA3v6ddD-LM_s06NRfzlGFIYqfE5i7pAmpsI8rjkqIu8DgMe55l9fz_knbQJog-GUlcJuu_Cd5HQjBZOLJvFwDem0txrxRPEfb3ul9Ymx2qDJRraTqmMs6et-d6UPCaZptBQHRNuUhqcanUNMrQMB3uLdNkX8mBIsGhX_5ilixo6Kx3UGtKaWRFSACQX3wAkOeWS41qn95_00QK6xzI8vbdV9R2QEcKZ0W5EyPvFVNkhG-9OsRdhnA07yc1UTepl6SFE159C-W6lJMtgBgv7WJb57ILp-6lt5CJRsCT38zdikBm3JjDhD5dmM&sai=AMfl-YTNU4kj6_MFRrPnY2Jx-hdUDpnIjZ0WiadntXIDqCyQ4f0CONhrZV_-R5QOqfiYZOBHw6peO_I-rkoqx7ftLkO8pGMqkCqAjDVYZUYGtllwgUzQOdP2BktwODEhz8_4h2bU6vUYkecHmH-SxsBrm16X2Ze-m6e2WT1Am-DwmxggBi1tfj_CpZPaqRUFsL9tM_OSUiXyPPqVi07vOblxE5e0bU79l7hFHEhFLXcNAzlugXUO6C2weK-bZOGslUUbP7AEcdvZf7QIZ79IDlb02hti5xoRYxIxNakU&sig=Cg0ArKJSzJ9_6Y6rqkyCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1241&vt=11&dtpt=834&dett=3&cstd=403&cisv=r20230502.34375&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:27 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
4044e738ceea463cc0cad194bdc727ca986197dccdd34fb1b131d3d8af871c26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:27 GMT
Last-Modified
Sun, 07 May 2023 15:15:24 GMT
Server
amazon
ETag
"6457c08c-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:26 GMT
diwan_1-2510.key
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/keys/ Frame 44B4
16 B
443 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/keys/diwan_1-2510.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
f560420c907fc10b7d5c7373de6422f6f0a5961bb34b180c887eed3bbf1c1944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:27 GMT
Last-Modified
Sun, 07 May 2023 15:14:56 GMT
Server
amazon
ETag
"6457c070-10"
X-Cache-Status
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16
json
pro.ip-api.com/ Frame 44B4
161 B
317 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 07 May 2023 15:15:27 GMT
Content-Length
161
Content-Type
application/json; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame E248
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1596916136504&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E248
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1596916136504&version=m202301230201&ct=76&x=1&cor=693522339655846100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E248
90 KB
36 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dyp2PolDo-ZnlejmHrcsQ5Q_leG7ia1xUwLi4tDaE5dYX5xyiHvos6B6qBGmeo-XexGaVHdU6dKfAA6GL0bBhUjbYTtc7OmWhdlGAiF5cQJudVy9c&cry=1&dbm_d=AKAmf-BuOm-63uSMR5uOhiPUG33MrWU-v2W6ukoDViaDz-xNhUwcIrMTDiYuHYdb4pzOFVQxLJ6dLJciA2VU6xnFJ0C_If05GiMwNdHF1lHF7DZnWQWlbguTi6Ckq_A3QIVrUu91YkZEGcGcYmyv9LzomrnKcLaWm5vNQJ_WoBfHG12LvWr24_6GBlTRLeXc95q3t0bGBM8b3trTfeY5TOS5EeSKMft1B8IALag3QM4sk0-xQN00OLviWzigIhj7uQZJfVBny6qgg0SkLtMNSyth1mNsnPKBHZ1qxlKMMgQGnXX1VrSFi3yvANgBdz1N6u7rC33Qdr2n0ZWRb7lw3PrPzexUbR5oObzqgYqt-pyEE9963wW8NfwEejUsD9Pn7B78s652PTmsWDqXykLHT29konCqHW6ewhYP4dvgmYrlMtHsVXU-Tg8vgBhmsTnXh-4RtWAZd3CCNoeBrDBVFpbLersz5HoFYQ9qqpyHeLV43cUOlVcb6TT0QRxzt96mtXYJ2rZ-0v6xAf5fXzZ0YCOt_OF0jbwylytUS65-8XRFp4qxASbKvuVbEcuJJLaUOhyWjR5m9mYbz8oaCLy6GgCSMFgN6xBdS-ltpSKpK6_Mm8HEBUhfP6dDLWvDKK_2JzXOcJdIM_T6qjTmU3ZuHUDyg9b4dVIcb1p0s_IQpNIXSnl_AtVeEbpreE77S8gZGZZDnlcI0H8bJ3q5E8Ajghu-GZAmy2LU9Fo_yNe7vrBbU32pFFl80yP3qYVxjXnrZBKqb_ZkZSkTyKmYuuI5yFDcpCGGGHHT447Hvl9jiNijX5oD5l5dm5p9sYrN3rPlhDqWaELtxSy4nRqiJ72xNdYPbazFbKrADC1GYCL12YF6_pY0OGhXUSvmaLJ4l2Xykw7FXip_k4LBXrMcfhpW38zAqNM9f53R3InGUY4i4J-8uUi-B3XZaNBTa6A6-4x5ypbYS7TSJzqJZ7l47P4c46Ab4e-E1SsdtfeFu3YjW16l3z0FiG9LLO_-111i4BFOn85cZPgR1arukrt4Abr0v0QGxORo0quhBkZHHdhZKQAskdqTpNN_BNv2myt95gffAebzB1A-QGIWDUeZc0XXQg7-4MJ-v3zCOrnNq3EqXE6VIH9dqW0WJhStMtb4AEzhgS_l0xGpnRb_0ZAVK15DjHL21VzVimWN1a6Ma5h2UejzqaChfp-5oAQIgtC53Ne7vXNAyfjZ6OtPcUQzN4KpVvFmAj3-yilYZVBkzgi0XLx9iGENQZuklp0Y2Ul0HJq2tg_c0DxRG6B5ANuUJZX1sjcYIlKB8m1-Co9QSlUgdtchX64WObXCaD0x2G-LImPqS0XCKfbmSdOd4b6254fNABzLIguJosBHps7mHSCTcducbAikhvE6pl8c9y8jpMIUaukqWs5yNF3BbOoMc4q3CzNp6QQf8jPZOtGs6BdPwUSxwwvPQf0TLzBAQHNGKcbOtMUZW84FbFZpJRDeYVlqJKvuGD67KtDlMgfl8LP8mcVdrbnxAQV4dbR0fqcXgmdRC5WOubPRPW0VWVvLvRVyenVZldyOtW3skpWAjDEI6-fJ7ddL2n3_TjksAtGGFP8zdHqI7MqKhUCeToy8VEvmeCRTJWMLE87u8O3LdzRR85NoNFkr_7oUNJFib2oJZ9-vjoFIVqUZlGhF9O2Y7FQ_mAKhNurV92rq4Hk7Ca7uAkJZz5FugWmebiXcT3mz1AiHLHrX1vgTwOa2wuXD7lFW9zGd5EIkYDJSFqFoMk-Cfv8yQ8ha0peTXWsfO6ljp13tLkfBlVF_A_QaRwuemlq7k4KtwoOHfCEjdAazjxQAJSwG_H2PmR_YrROcVBjXiv2_2gvsBSZVxkOkh3wLJB9p4VE5YCua3SOOzwdCqwXRACSEfxK6pTnQQ2LW4wYo-BQTeqeTjPRyKeTCmRrTCegEctYzr86HJ5WbBvv_g02Q4yVUmbNiQAnhfo3v2MwrPg6VfFxckaJq00M6c1TS_bB9Hd5Sww2L-xw-a167AP78ZTl3na_olXGBnSevrQM5QkAb3rt_0IwuCbgjtr1AqvwYMt2bxw81YzIPCktv0JQtlz6_jidzuPmB6LCaaqW-TxCr5v-fvPyus_ulCAQkbq3VCgWu8nnk5C5YEzv4HIOgJxOnDsTQ8aC8yVGcUkMvUh9fKGgFs9zXvprdLYeO83ZDX6T6o8v6RuVWIT9LUvPYdjf5XM0IZ1On_6Rhort-rLvymujukF1WQ-4z9igw8LrTV8DEimD1saR4Qxkg6WlgZuo8xisXhZ4pBi4Mjcz7c6wixvpBe850T4oSwH22sMmgWtlDH6jeUEb1nlu2MynR6z4jfYHRWZGbHaMFYG_hNpyTXp9X_GVSCcP7t3z1gMxe5oVFOFqchfvStzhJenygrO10ykBZv07FZnzzNahiSzRL_JRkjseBa07Ma3UzkcUvGZTQEWe30JxgDfn7z8hvxxeD8ro2J-F2piW1RlYyfX0-p7caCBx8WbALv6ZsSC5viyjL_p8aqVB06fgrRaKV06IrhT33PaSHFNm6Xo2Zi7sqCtGY71-C_AgesbiOTo_l7l9-wQG-vo9jzinNXu53LQEXuwG-JvjzW6-jFnv_Sb61gDnP41jaHFV3AMr7VNBOUO7ZL7AnRlhtWNZtczNF3uy6mhxXFdZCCDd83z86eNL951MOt9cBMN51ILIKXQwgbZQm3SFDAysSTERNASocWALfMoCHOV16hXz3QUhnBoirKu-2tnNtsH5C3wbYQbvaT7yQvLs2tmZZ7IZnoEF5HdvP6bJgv8We3BbOee9VMYzlixRlmaFQE14__RMn12jw4sQAxeOhjuiZUt8NkP_QrtJHUXOV8rLAj6G04BjgTNgx_ZgcWW4tNyKHTVwupLQ90SMzx9ZdQdHcE8P5Le-GCPhJb4ptyAjI-COM1Wlpi6ZAu7thz5r4bVfcA1snf-rZ_dbfeoa_5mPvEtaSJd3SYyGiWo2F-JQ1CH6bKtqI8fZhHWsN3YYLundtxQ5At-HwYGk8SfBPkI4HcyhTPAWhuk0invswBcdgZYZI7D71DmH-36Cf_D-WAwSbsihmFya5ClA2DGguPUJk0PworBQoYO5IHjnJDUAjL4B8uF9FranL2yzYC3pRrLRAgjx8Jk3Hw2lS5rw-iJCz6JrlAP-Lw-47znSKIWSJUR58cMmHQca8vtEGaQc51KmTj-N60p85gB8gebrvr75Y_1EiAnL_3RuXwzTZ-DVoJGTkV7Y06JbsssNHpfBO3qoeW3urK8dF4WARNSGj6_tjLn8HoxFs3wD0cqb71zHIbO3SQORqgJhNcIfSUHE-gLXqlXYXg_G2xootw78JdmlNsMIpysn9A5kQP2Cd2uNU_gKF1W4qKrGqcnchHWwQ6zveKWxlRkmr8xKJlgZywSVPu8PgBfeXK1EQDMABaasEGoHk5YiQLthTUMEWZV77o7aY-XIkQT0rBdy0sy-_qtlC6iltVt1SoUz1DDxSJsk4oKP1trkA7C1QDVU2obIWjZyAN5hw3lupyzZtzCaOTt5QIx087bqif5sdXu0yKq6qarXPe-Ya1JNDvsKBXugVn_l5A1YnzMzPtJu8ro23wVk667g6sQYa9tV5FjvD_mLtnuLUfJHcmAcodVnct0TKd6jA0Op6amtewwFKuV8weCydkWo7KeAjlMjpknkmC8cFgmNjLPkKe97Pv5YlZF2btXdj&cid=CAQSPABygQiDUsKVAj9gbz2uwknEjUhXgK6x_ktV7kDYoK2AMlRwx3k6edFiQXV9hLt4nVRJVPV6sVHF8OTArxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=693522339655846100&adk=2988274607&idt=113&cac=0&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a1cd70a874ffcda547806ce58e8f521f8ac064414e1c551e642a6ff500ec717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B621
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7093017526379&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B621
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7093017526379&version=m202301230201&ct=76&x=1&cor=14567810932415973000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B621
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnsNEk00F29pUn2DKw6YsoHZ3MgrHPYyKDJZbXqM8q6aBQBk7-8Llq4IH65PxTRSwVQZrumy78ud7sGnlQXj68F0fOBA&cry=1&dbm_d=AKAmf-BZP-zOg5qIndok3okbVL9GoU4ikCOib9Zy1JUNdytbGTLSN-9UeITX9AMgazBTQ5zhtK_DS_Uu0zeyicO27wx7l_xFG2YLAezlfGg9nW5Z0WmP_-eRqC2I6WrWZKLEwW5kyguLSTcXu5yOMaXlLTRtcXnraf_7bhiS_5C9ul3bcDUhd46w-TAfubJdWOuctuXUsvYmb5bbneGGaQyfDF1ofCW32n0wAAO_kO_2AkQVplNZaavNUwoq0tEEwc0JJxJr7KjU50mbgIp5Eeik6YLl3rD_E91Ti0areyV3dQ6tpS71qNNBCxSIXPDTLTJuDJeb75Z8xRiV51PWHAoaDqRJE7whZUmu4gGoerbQ6Q9wQlVJibgasYJ08XB0h5t_ErKRCGQixrMkNW6AemDJro_iJSMIFtiq5p_7BT30lclFf8kUjIwK-nY4kYVW76lQGHIk-HkHliV9e4mKmVVQDW01l4x9cjoxjEqrNbwIWqVB82Vkj7C6NFJ76NdBpJrlK7O3m1ZE8PC3eHpH3SWrmjFxKkv6cYZBKbdeDu2KLWQfa-dCA_PQVx3uxdkjxfJbUCEQzyEau5b1sFu29a9ipNKCoasTwXKj1l-reJac6QLLysE56ELFEez8qPbrV4C_NU1Bb7WjTS7HjTjqw3NgB7p3Lxd-2GC4BLWleOZDK4CQujr4yiUipkKUK455V6yC_DoUoMswCH1WHCsLfFUqncDsB7kBWbegzB9pol0_ThLrXguYwwWzFkq9MvE5E62RwqGasaxNMCayTv50fN0OncK0ccyGGtcjb0d7_9qmruZCiLf40sC0H5-ctce6sLILdYjqgUyk3XfEqpp01wSCDO2b5_CavnM1A8wFSh6QMBbIr_KD47U43vrMdOR0y6jJxHTx1u2a-IDeGx2f8lMIsQNkPeBkSAuLCInM8YgaCRQ0EB-oQCrEY5npXQ_daPD9aF-kj63rumx7UHYZTplDqnLnpcfDhHBAvZYIwflCJChFNKYSaWRNGe3ca8ehuoyqgkyaZkGRdNNlikVtu4GyUfeycUh98Ou0ZTwQw7fKWHDrqUmzwqSGdhiGM_0BqXBM8Bg9r-eRuK8D2GScrNH6p2TShYYMEA8f1noQjgQOzcgS_UnQphbz9r3ZsS4SmMiygbl8WnJ2a0vhnSsLAf70nWhuE4nzkucnIB3XGPkZvB6pafimaL5hJd-9YxCAXhviqT8eOkop5cLjK_A5nNyN-zpJBMpcZCg8NZ0pZNb4kMh0lAur6KJt_k363hg7vVte027o2Ls3xCq6tgZKP9Xzq32yFzPe4tLChBttr5h_-JlGpS1VPBRTG2UontP4trj-RgseLjmhm-oVmPqBDb8lk-J5SsQkoitRyytffGFYarxmpifbAJksHgemaV53GlVviXPe-CGjIal4HAqjzNQcOVsETqrTpB0QKHrM8NGJruG3z4NWMuvaiQBgX_FvcsHslSU4tQixJyJS9_K9RQzO40XX3QqEsPQoNWKY-BCLNNWNdCN5CdCvMW4VodcdDPIsvxfhn5gOFd0MygTy_3sEmqd1gk1s0rV9NN4v--eas6_lEG8T7_X2S93CtQlLRMyJCoY3W3tJ6TRRyxsWNMyHeDc4xume4b8jqsuBgO9k_pl3QjsoTk8PvT29S9BPSF-oZTHB18eGhpJkAItPxhkThbwAolg4fw8aq74VA_NvUzi-6oNPh2nFPFnKXxZ_GZmJcN8ZIAYKhN9BGbnMg5EJOuyqXAezfAk2X31pkReRmPawtu9nWz4Q4ffE3ehkX0AUI4QGJILwN1LdjmfH0UVOyUXKHp3i63k4QH2iUfW81TpdoZnprBKmn4nHc8N3Ag7HSLkXYwi8LRSiKBN9uqT_Gbv0TwP3jv7pJZtpYpFaI4n0KDxuxlusOoRpaDyhNsC-uOQ5wmx-pryqiNQL_39DWYFCM_6NGUCwrcmEI2cI2RKtd6i44SGmuXs5iT-7h_bpf6KY0ALvsWKDLHYFsq_nrIE-fDEq6ncAIxpBb0PrHdlm2sx6OFyoi85izKMZiup7AQOuOkmM21vBrPm1W_9KBd9X6l-xoFz5sZ5YPzZrH27XTu0N_grUe88IFQSpPARsCFYEO2-4E91LGQAbwzzWmVCIxLB1nMk8qgLBl5gZxnS4AQEOo3NtpuCNO2H20xqJAQoeKwq0gVrkKPVYP8Jo79shhygnseRNSRwabHHRMsqX8bH7FA3amAu3ZhKh_deJEBmbdHDuMW9XdWaVHvWOJEfu6NAve5VxDAYNia40RE0x0M5ocYHNJgKbZlfs76c6PL7aXBSxGQXWQoHpPpVAJCHYesZJnFxR_orYGYKzaxWloygCVDxJSs0A5NoJe4jQpEtw9AElPge3SXaFZ6K9vM_JoRjdoTFWqf31zRFBlG92J78UB4jHpueGDdk0YfT5uOZ5MO-2TLU3I4sMG6Sek_wew2fVo6r5qzUoXRGyljaSBFKdb1LV9ZD_mfDLN6hP_A2BcLSMOkuAnx55P14rJfDAEjvo4bz8x9nmgHDwnxW2vgST9zwD5-jVgLeUtc0yo7uaxy9ZUq1N8qxQlQdOUrVQ-aVPNfftmnqEEcpwOtCyllEgFYsc02_7Pq-IA-H3i83bbY_ESCEJ1kM_tBMVAxrlUg2epiPlus2hlLyOJTcDI98aeQWJYVVp4IG-txPi1bPZ3OD7uqLszt3S69jafdZeOA0b0GH1KJEf1tK6QQMQnXNKkpCZLW4xpeeyepegRUQCCVWRio3Yf5lpsAL6Ymg69vcJuomgIsYN01KDpXHU8WuzbEYuqGUqUS9eg9q_NtgYzHkDt6OqGkHzlth3JBLiPgPBvxIqyJoiEWzXpqB4iy3D16e6tkG7zaUHG7AjIMwsckXmQe_WMxPmZ_V32JhESoFBj5wy7ixyeLTTzR3oxbFv0fIUviPTYJ1QsYdYrVggOteyt9PTdJgjnHZ8-YCN3ExqieWeIJ3HGK0lehjEENeLclJ6FSJVl62_Ne1gJGYRY8cgTxleFBAJAg9UvDuVVRGYXPJUKPui9ZIkLEEVvF-mq6qgzk0bot2C-InFW_lPbonTFAGsNxYhMvGV6E9dhRcqg-1Kw34FXlp8SOsNVcz_2vgicOtS0hG9g32-tY0OlKB7c-NGz0TNl2aT-dDy745qmonvSbw6aj-oXuSdD5wJ8Vl0sfyqHM3oLmG0qA634DS6csZAhO9DV3NIvSrHJCMnKfnRi-BQSTwokGAP_uvD6YRoh8_4Pj7OekbXMo95cPZWS4VEilWi086KBXDmJW6VrCHJXytrF888Kz_UOAr3DqH6pXvFtdlkds2EDnTTfv9z_hlJUcdEGNYoKxCd66qe_NTanZsOwClKVUQKLPNygPrWIuMk2T6TofDWrS5zRj7XIZpdjUD10-WWCCaUPRcKgyrXGcBzwnIvwd4VOL9jYuh0bGAb3mCP0FoKS6dOwYfWD9voHuXzGIW2asVN7_exrw&cid=CAQSPABygQiD_uZ0Jt1ig9CtJpG8j0gExSRrCb98ypY97ltzpPm0PNRA0DGFzjSYkFDVQXAnxTQERzelEgdAnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14567810932415973000&adk=3690638929&idt=157&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8ad44c4478f1031b6f0b97cac92269fb02bf70d6077fafb8f0c1a8f49a43af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35851
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F983
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B16E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72902
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Sun, 07 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 9B99
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsHc2,pingTime:-10,time:1273,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi42MyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1683472527862%7C%7C8aa908365e60e0be473c560483ae274f%7C%7C1a341f7ffaad5ea94f399b4eae605ec3%7C%7C71e84d201a81fbbc850fe9d3c5ca8c5d%7C%7C230be8bca05fe26902ddc1d6fcb12548%7C%7Caf7c086f055cd631bacdc4280d3f0170%7C%7Cb7d24a80b8203bb70e81add95e90813c%7C%7Cb7f20442f7238c2f849391a22c576ecc%7C%7C1663701684,im:%7Bpci:%7Btdr:1115%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:27 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F91B
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E248
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame E248
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dyp2PolDo-ZnlejmHrcsQ5Q_leG7ia1xUwLi4tDaE5dYX5xyiHvos6B6qBGmeo-XexGaVHdU6dKfAA6GL0bBhUjbYTtc7OmWhdlGAiF5cQJudVy9c&cry=1&dbm_d=AKAmf-BuOm-63uSMR5uOhiPUG33MrWU-v2W6ukoDViaDz-xNhUwcIrMTDiYuHYdb4pzOFVQxLJ6dLJciA2VU6xnFJ0C_If05GiMwNdHF1lHF7DZnWQWlbguTi6Ckq_A3QIVrUu91YkZEGcGcYmyv9LzomrnKcLaWm5vNQJ_WoBfHG12LvWr24_6GBlTRLeXc95q3t0bGBM8b3trTfeY5TOS5EeSKMft1B8IALag3QM4sk0-xQN00OLviWzigIhj7uQZJfVBny6qgg0SkLtMNSyth1mNsnPKBHZ1qxlKMMgQGnXX1VrSFi3yvANgBdz1N6u7rC33Qdr2n0ZWRb7lw3PrPzexUbR5oObzqgYqt-pyEE9963wW8NfwEejUsD9Pn7B78s652PTmsWDqXykLHT29konCqHW6ewhYP4dvgmYrlMtHsVXU-Tg8vgBhmsTnXh-4RtWAZd3CCNoeBrDBVFpbLersz5HoFYQ9qqpyHeLV43cUOlVcb6TT0QRxzt96mtXYJ2rZ-0v6xAf5fXzZ0YCOt_OF0jbwylytUS65-8XRFp4qxASbKvuVbEcuJJLaUOhyWjR5m9mYbz8oaCLy6GgCSMFgN6xBdS-ltpSKpK6_Mm8HEBUhfP6dDLWvDKK_2JzXOcJdIM_T6qjTmU3ZuHUDyg9b4dVIcb1p0s_IQpNIXSnl_AtVeEbpreE77S8gZGZZDnlcI0H8bJ3q5E8Ajghu-GZAmy2LU9Fo_yNe7vrBbU32pFFl80yP3qYVxjXnrZBKqb_ZkZSkTyKmYuuI5yFDcpCGGGHHT447Hvl9jiNijX5oD5l5dm5p9sYrN3rPlhDqWaELtxSy4nRqiJ72xNdYPbazFbKrADC1GYCL12YF6_pY0OGhXUSvmaLJ4l2Xykw7FXip_k4LBXrMcfhpW38zAqNM9f53R3InGUY4i4J-8uUi-B3XZaNBTa6A6-4x5ypbYS7TSJzqJZ7l47P4c46Ab4e-E1SsdtfeFu3YjW16l3z0FiG9LLO_-111i4BFOn85cZPgR1arukrt4Abr0v0QGxORo0quhBkZHHdhZKQAskdqTpNN_BNv2myt95gffAebzB1A-QGIWDUeZc0XXQg7-4MJ-v3zCOrnNq3EqXE6VIH9dqW0WJhStMtb4AEzhgS_l0xGpnRb_0ZAVK15DjHL21VzVimWN1a6Ma5h2UejzqaChfp-5oAQIgtC53Ne7vXNAyfjZ6OtPcUQzN4KpVvFmAj3-yilYZVBkzgi0XLx9iGENQZuklp0Y2Ul0HJq2tg_c0DxRG6B5ANuUJZX1sjcYIlKB8m1-Co9QSlUgdtchX64WObXCaD0x2G-LImPqS0XCKfbmSdOd4b6254fNABzLIguJosBHps7mHSCTcducbAikhvE6pl8c9y8jpMIUaukqWs5yNF3BbOoMc4q3CzNp6QQf8jPZOtGs6BdPwUSxwwvPQf0TLzBAQHNGKcbOtMUZW84FbFZpJRDeYVlqJKvuGD67KtDlMgfl8LP8mcVdrbnxAQV4dbR0fqcXgmdRC5WOubPRPW0VWVvLvRVyenVZldyOtW3skpWAjDEI6-fJ7ddL2n3_TjksAtGGFP8zdHqI7MqKhUCeToy8VEvmeCRTJWMLE87u8O3LdzRR85NoNFkr_7oUNJFib2oJZ9-vjoFIVqUZlGhF9O2Y7FQ_mAKhNurV92rq4Hk7Ca7uAkJZz5FugWmebiXcT3mz1AiHLHrX1vgTwOa2wuXD7lFW9zGd5EIkYDJSFqFoMk-Cfv8yQ8ha0peTXWsfO6ljp13tLkfBlVF_A_QaRwuemlq7k4KtwoOHfCEjdAazjxQAJSwG_H2PmR_YrROcVBjXiv2_2gvsBSZVxkOkh3wLJB9p4VE5YCua3SOOzwdCqwXRACSEfxK6pTnQQ2LW4wYo-BQTeqeTjPRyKeTCmRrTCegEctYzr86HJ5WbBvv_g02Q4yVUmbNiQAnhfo3v2MwrPg6VfFxckaJq00M6c1TS_bB9Hd5Sww2L-xw-a167AP78ZTl3na_olXGBnSevrQM5QkAb3rt_0IwuCbgjtr1AqvwYMt2bxw81YzIPCktv0JQtlz6_jidzuPmB6LCaaqW-TxCr5v-fvPyus_ulCAQkbq3VCgWu8nnk5C5YEzv4HIOgJxOnDsTQ8aC8yVGcUkMvUh9fKGgFs9zXvprdLYeO83ZDX6T6o8v6RuVWIT9LUvPYdjf5XM0IZ1On_6Rhort-rLvymujukF1WQ-4z9igw8LrTV8DEimD1saR4Qxkg6WlgZuo8xisXhZ4pBi4Mjcz7c6wixvpBe850T4oSwH22sMmgWtlDH6jeUEb1nlu2MynR6z4jfYHRWZGbHaMFYG_hNpyTXp9X_GVSCcP7t3z1gMxe5oVFOFqchfvStzhJenygrO10ykBZv07FZnzzNahiSzRL_JRkjseBa07Ma3UzkcUvGZTQEWe30JxgDfn7z8hvxxeD8ro2J-F2piW1RlYyfX0-p7caCBx8WbALv6ZsSC5viyjL_p8aqVB06fgrRaKV06IrhT33PaSHFNm6Xo2Zi7sqCtGY71-C_AgesbiOTo_l7l9-wQG-vo9jzinNXu53LQEXuwG-JvjzW6-jFnv_Sb61gDnP41jaHFV3AMr7VNBOUO7ZL7AnRlhtWNZtczNF3uy6mhxXFdZCCDd83z86eNL951MOt9cBMN51ILIKXQwgbZQm3SFDAysSTERNASocWALfMoCHOV16hXz3QUhnBoirKu-2tnNtsH5C3wbYQbvaT7yQvLs2tmZZ7IZnoEF5HdvP6bJgv8We3BbOee9VMYzlixRlmaFQE14__RMn12jw4sQAxeOhjuiZUt8NkP_QrtJHUXOV8rLAj6G04BjgTNgx_ZgcWW4tNyKHTVwupLQ90SMzx9ZdQdHcE8P5Le-GCPhJb4ptyAjI-COM1Wlpi6ZAu7thz5r4bVfcA1snf-rZ_dbfeoa_5mPvEtaSJd3SYyGiWo2F-JQ1CH6bKtqI8fZhHWsN3YYLundtxQ5At-HwYGk8SfBPkI4HcyhTPAWhuk0invswBcdgZYZI7D71DmH-36Cf_D-WAwSbsihmFya5ClA2DGguPUJk0PworBQoYO5IHjnJDUAjL4B8uF9FranL2yzYC3pRrLRAgjx8Jk3Hw2lS5rw-iJCz6JrlAP-Lw-47znSKIWSJUR58cMmHQca8vtEGaQc51KmTj-N60p85gB8gebrvr75Y_1EiAnL_3RuXwzTZ-DVoJGTkV7Y06JbsssNHpfBO3qoeW3urK8dF4WARNSGj6_tjLn8HoxFs3wD0cqb71zHIbO3SQORqgJhNcIfSUHE-gLXqlXYXg_G2xootw78JdmlNsMIpysn9A5kQP2Cd2uNU_gKF1W4qKrGqcnchHWwQ6zveKWxlRkmr8xKJlgZywSVPu8PgBfeXK1EQDMABaasEGoHk5YiQLthTUMEWZV77o7aY-XIkQT0rBdy0sy-_qtlC6iltVt1SoUz1DDxSJsk4oKP1trkA7C1QDVU2obIWjZyAN5hw3lupyzZtzCaOTt5QIx087bqif5sdXu0yKq6qarXPe-Ya1JNDvsKBXugVn_l5A1YnzMzPtJu8ro23wVk667g6sQYa9tV5FjvD_mLtnuLUfJHcmAcodVnct0TKd6jA0Op6amtewwFKuV8weCydkWo7KeAjlMjpknkmC8cFgmNjLPkKe97Pv5YlZF2btXdj&cid=CAQSPABygQiDUsKVAj9gbz2uwknEjUhXgK6x_ktV7kDYoK2AMlRwx3k6edFiQXV9hLt4nVRJVPV6sVHF8OTArxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=693522339655846100&adk=2988274607&idt=113&cac=0&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
76460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:01:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame E248
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dyp2PolDo-ZnlejmHrcsQ5Q_leG7ia1xUwLi4tDaE5dYX5xyiHvos6B6qBGmeo-XexGaVHdU6dKfAA6GL0bBhUjbYTtc7OmWhdlGAiF5cQJudVy9c&cry=1&dbm_d=AKAmf-BuOm-63uSMR5uOhiPUG33MrWU-v2W6ukoDViaDz-xNhUwcIrMTDiYuHYdb4pzOFVQxLJ6dLJciA2VU6xnFJ0C_If05GiMwNdHF1lHF7DZnWQWlbguTi6Ckq_A3QIVrUu91YkZEGcGcYmyv9LzomrnKcLaWm5vNQJ_WoBfHG12LvWr24_6GBlTRLeXc95q3t0bGBM8b3trTfeY5TOS5EeSKMft1B8IALag3QM4sk0-xQN00OLviWzigIhj7uQZJfVBny6qgg0SkLtMNSyth1mNsnPKBHZ1qxlKMMgQGnXX1VrSFi3yvANgBdz1N6u7rC33Qdr2n0ZWRb7lw3PrPzexUbR5oObzqgYqt-pyEE9963wW8NfwEejUsD9Pn7B78s652PTmsWDqXykLHT29konCqHW6ewhYP4dvgmYrlMtHsVXU-Tg8vgBhmsTnXh-4RtWAZd3CCNoeBrDBVFpbLersz5HoFYQ9qqpyHeLV43cUOlVcb6TT0QRxzt96mtXYJ2rZ-0v6xAf5fXzZ0YCOt_OF0jbwylytUS65-8XRFp4qxASbKvuVbEcuJJLaUOhyWjR5m9mYbz8oaCLy6GgCSMFgN6xBdS-ltpSKpK6_Mm8HEBUhfP6dDLWvDKK_2JzXOcJdIM_T6qjTmU3ZuHUDyg9b4dVIcb1p0s_IQpNIXSnl_AtVeEbpreE77S8gZGZZDnlcI0H8bJ3q5E8Ajghu-GZAmy2LU9Fo_yNe7vrBbU32pFFl80yP3qYVxjXnrZBKqb_ZkZSkTyKmYuuI5yFDcpCGGGHHT447Hvl9jiNijX5oD5l5dm5p9sYrN3rPlhDqWaELtxSy4nRqiJ72xNdYPbazFbKrADC1GYCL12YF6_pY0OGhXUSvmaLJ4l2Xykw7FXip_k4LBXrMcfhpW38zAqNM9f53R3InGUY4i4J-8uUi-B3XZaNBTa6A6-4x5ypbYS7TSJzqJZ7l47P4c46Ab4e-E1SsdtfeFu3YjW16l3z0FiG9LLO_-111i4BFOn85cZPgR1arukrt4Abr0v0QGxORo0quhBkZHHdhZKQAskdqTpNN_BNv2myt95gffAebzB1A-QGIWDUeZc0XXQg7-4MJ-v3zCOrnNq3EqXE6VIH9dqW0WJhStMtb4AEzhgS_l0xGpnRb_0ZAVK15DjHL21VzVimWN1a6Ma5h2UejzqaChfp-5oAQIgtC53Ne7vXNAyfjZ6OtPcUQzN4KpVvFmAj3-yilYZVBkzgi0XLx9iGENQZuklp0Y2Ul0HJq2tg_c0DxRG6B5ANuUJZX1sjcYIlKB8m1-Co9QSlUgdtchX64WObXCaD0x2G-LImPqS0XCKfbmSdOd4b6254fNABzLIguJosBHps7mHSCTcducbAikhvE6pl8c9y8jpMIUaukqWs5yNF3BbOoMc4q3CzNp6QQf8jPZOtGs6BdPwUSxwwvPQf0TLzBAQHNGKcbOtMUZW84FbFZpJRDeYVlqJKvuGD67KtDlMgfl8LP8mcVdrbnxAQV4dbR0fqcXgmdRC5WOubPRPW0VWVvLvRVyenVZldyOtW3skpWAjDEI6-fJ7ddL2n3_TjksAtGGFP8zdHqI7MqKhUCeToy8VEvmeCRTJWMLE87u8O3LdzRR85NoNFkr_7oUNJFib2oJZ9-vjoFIVqUZlGhF9O2Y7FQ_mAKhNurV92rq4Hk7Ca7uAkJZz5FugWmebiXcT3mz1AiHLHrX1vgTwOa2wuXD7lFW9zGd5EIkYDJSFqFoMk-Cfv8yQ8ha0peTXWsfO6ljp13tLkfBlVF_A_QaRwuemlq7k4KtwoOHfCEjdAazjxQAJSwG_H2PmR_YrROcVBjXiv2_2gvsBSZVxkOkh3wLJB9p4VE5YCua3SOOzwdCqwXRACSEfxK6pTnQQ2LW4wYo-BQTeqeTjPRyKeTCmRrTCegEctYzr86HJ5WbBvv_g02Q4yVUmbNiQAnhfo3v2MwrPg6VfFxckaJq00M6c1TS_bB9Hd5Sww2L-xw-a167AP78ZTl3na_olXGBnSevrQM5QkAb3rt_0IwuCbgjtr1AqvwYMt2bxw81YzIPCktv0JQtlz6_jidzuPmB6LCaaqW-TxCr5v-fvPyus_ulCAQkbq3VCgWu8nnk5C5YEzv4HIOgJxOnDsTQ8aC8yVGcUkMvUh9fKGgFs9zXvprdLYeO83ZDX6T6o8v6RuVWIT9LUvPYdjf5XM0IZ1On_6Rhort-rLvymujukF1WQ-4z9igw8LrTV8DEimD1saR4Qxkg6WlgZuo8xisXhZ4pBi4Mjcz7c6wixvpBe850T4oSwH22sMmgWtlDH6jeUEb1nlu2MynR6z4jfYHRWZGbHaMFYG_hNpyTXp9X_GVSCcP7t3z1gMxe5oVFOFqchfvStzhJenygrO10ykBZv07FZnzzNahiSzRL_JRkjseBa07Ma3UzkcUvGZTQEWe30JxgDfn7z8hvxxeD8ro2J-F2piW1RlYyfX0-p7caCBx8WbALv6ZsSC5viyjL_p8aqVB06fgrRaKV06IrhT33PaSHFNm6Xo2Zi7sqCtGY71-C_AgesbiOTo_l7l9-wQG-vo9jzinNXu53LQEXuwG-JvjzW6-jFnv_Sb61gDnP41jaHFV3AMr7VNBOUO7ZL7AnRlhtWNZtczNF3uy6mhxXFdZCCDd83z86eNL951MOt9cBMN51ILIKXQwgbZQm3SFDAysSTERNASocWALfMoCHOV16hXz3QUhnBoirKu-2tnNtsH5C3wbYQbvaT7yQvLs2tmZZ7IZnoEF5HdvP6bJgv8We3BbOee9VMYzlixRlmaFQE14__RMn12jw4sQAxeOhjuiZUt8NkP_QrtJHUXOV8rLAj6G04BjgTNgx_ZgcWW4tNyKHTVwupLQ90SMzx9ZdQdHcE8P5Le-GCPhJb4ptyAjI-COM1Wlpi6ZAu7thz5r4bVfcA1snf-rZ_dbfeoa_5mPvEtaSJd3SYyGiWo2F-JQ1CH6bKtqI8fZhHWsN3YYLundtxQ5At-HwYGk8SfBPkI4HcyhTPAWhuk0invswBcdgZYZI7D71DmH-36Cf_D-WAwSbsihmFya5ClA2DGguPUJk0PworBQoYO5IHjnJDUAjL4B8uF9FranL2yzYC3pRrLRAgjx8Jk3Hw2lS5rw-iJCz6JrlAP-Lw-47znSKIWSJUR58cMmHQca8vtEGaQc51KmTj-N60p85gB8gebrvr75Y_1EiAnL_3RuXwzTZ-DVoJGTkV7Y06JbsssNHpfBO3qoeW3urK8dF4WARNSGj6_tjLn8HoxFs3wD0cqb71zHIbO3SQORqgJhNcIfSUHE-gLXqlXYXg_G2xootw78JdmlNsMIpysn9A5kQP2Cd2uNU_gKF1W4qKrGqcnchHWwQ6zveKWxlRkmr8xKJlgZywSVPu8PgBfeXK1EQDMABaasEGoHk5YiQLthTUMEWZV77o7aY-XIkQT0rBdy0sy-_qtlC6iltVt1SoUz1DDxSJsk4oKP1trkA7C1QDVU2obIWjZyAN5hw3lupyzZtzCaOTt5QIx087bqif5sdXu0yKq6qarXPe-Ya1JNDvsKBXugVn_l5A1YnzMzPtJu8ro23wVk667g6sQYa9tV5FjvD_mLtnuLUfJHcmAcodVnct0TKd6jA0Op6amtewwFKuV8weCydkWo7KeAjlMjpknkmC8cFgmNjLPkKe97Pv5YlZF2btXdj&cid=CAQSPABygQiDUsKVAj9gbz2uwknEjUhXgK6x_ktV7kDYoK2AMlRwx3k6edFiQXV9hLt4nVRJVPV6sVHF8OTArxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=693522339655846100&adk=2988274607&idt=113&cac=0&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10880
x-xss-protection
0
server
cafe
etag
12570010719352825067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:03:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D54
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseDAvRjv8c_BvkCTvOYioOh4uOp5U4EMzl5bLpIyzwpskNESHi2gc7StbNfBNyJ6jpPjTy7TwK3tvkZe2E2nVSqbABbePonfZdHcalkl8Ln_W32LVOe0MfBACJ&sai=AMfl-YQs-9JqbUCwu1FCdUU4m0A9DbS1SBaAX4ZeaAtD7t0kxseQ6g4nbq4awz0a-ok8iXl2nF2Hlr1dAtgaCv9T3j0LBUd06TI8WT7TcWj7T-TUUXesI55PIDOe6bnIxpwX5XshJs7_hFHnF6qEKA&sig=Cg0ArKJSzHxVu4EmW-JCEAE&cid=CAQSTABygQiD2O3MUtzy4cF0G4Sgypy1YKKYzJRFRp9njnyPGBUCIVFZtFCN0270eOhoGGiZKJ_7HajkWIzG7lJcfWmX-UG252pv6yj1L3gYAQ&id=lidar2&mcvt=1106&p=1110,436,1200,1164&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3202367356&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472525830&rpt=1013&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B621
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame B621
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnsNEk00F29pUn2DKw6YsoHZ3MgrHPYyKDJZbXqM8q6aBQBk7-8Llq4IH65PxTRSwVQZrumy78ud7sGnlQXj68F0fOBA&cry=1&dbm_d=AKAmf-BZP-zOg5qIndok3okbVL9GoU4ikCOib9Zy1JUNdytbGTLSN-9UeITX9AMgazBTQ5zhtK_DS_Uu0zeyicO27wx7l_xFG2YLAezlfGg9nW5Z0WmP_-eRqC2I6WrWZKLEwW5kyguLSTcXu5yOMaXlLTRtcXnraf_7bhiS_5C9ul3bcDUhd46w-TAfubJdWOuctuXUsvYmb5bbneGGaQyfDF1ofCW32n0wAAO_kO_2AkQVplNZaavNUwoq0tEEwc0JJxJr7KjU50mbgIp5Eeik6YLl3rD_E91Ti0areyV3dQ6tpS71qNNBCxSIXPDTLTJuDJeb75Z8xRiV51PWHAoaDqRJE7whZUmu4gGoerbQ6Q9wQlVJibgasYJ08XB0h5t_ErKRCGQixrMkNW6AemDJro_iJSMIFtiq5p_7BT30lclFf8kUjIwK-nY4kYVW76lQGHIk-HkHliV9e4mKmVVQDW01l4x9cjoxjEqrNbwIWqVB82Vkj7C6NFJ76NdBpJrlK7O3m1ZE8PC3eHpH3SWrmjFxKkv6cYZBKbdeDu2KLWQfa-dCA_PQVx3uxdkjxfJbUCEQzyEau5b1sFu29a9ipNKCoasTwXKj1l-reJac6QLLysE56ELFEez8qPbrV4C_NU1Bb7WjTS7HjTjqw3NgB7p3Lxd-2GC4BLWleOZDK4CQujr4yiUipkKUK455V6yC_DoUoMswCH1WHCsLfFUqncDsB7kBWbegzB9pol0_ThLrXguYwwWzFkq9MvE5E62RwqGasaxNMCayTv50fN0OncK0ccyGGtcjb0d7_9qmruZCiLf40sC0H5-ctce6sLILdYjqgUyk3XfEqpp01wSCDO2b5_CavnM1A8wFSh6QMBbIr_KD47U43vrMdOR0y6jJxHTx1u2a-IDeGx2f8lMIsQNkPeBkSAuLCInM8YgaCRQ0EB-oQCrEY5npXQ_daPD9aF-kj63rumx7UHYZTplDqnLnpcfDhHBAvZYIwflCJChFNKYSaWRNGe3ca8ehuoyqgkyaZkGRdNNlikVtu4GyUfeycUh98Ou0ZTwQw7fKWHDrqUmzwqSGdhiGM_0BqXBM8Bg9r-eRuK8D2GScrNH6p2TShYYMEA8f1noQjgQOzcgS_UnQphbz9r3ZsS4SmMiygbl8WnJ2a0vhnSsLAf70nWhuE4nzkucnIB3XGPkZvB6pafimaL5hJd-9YxCAXhviqT8eOkop5cLjK_A5nNyN-zpJBMpcZCg8NZ0pZNb4kMh0lAur6KJt_k363hg7vVte027o2Ls3xCq6tgZKP9Xzq32yFzPe4tLChBttr5h_-JlGpS1VPBRTG2UontP4trj-RgseLjmhm-oVmPqBDb8lk-J5SsQkoitRyytffGFYarxmpifbAJksHgemaV53GlVviXPe-CGjIal4HAqjzNQcOVsETqrTpB0QKHrM8NGJruG3z4NWMuvaiQBgX_FvcsHslSU4tQixJyJS9_K9RQzO40XX3QqEsPQoNWKY-BCLNNWNdCN5CdCvMW4VodcdDPIsvxfhn5gOFd0MygTy_3sEmqd1gk1s0rV9NN4v--eas6_lEG8T7_X2S93CtQlLRMyJCoY3W3tJ6TRRyxsWNMyHeDc4xume4b8jqsuBgO9k_pl3QjsoTk8PvT29S9BPSF-oZTHB18eGhpJkAItPxhkThbwAolg4fw8aq74VA_NvUzi-6oNPh2nFPFnKXxZ_GZmJcN8ZIAYKhN9BGbnMg5EJOuyqXAezfAk2X31pkReRmPawtu9nWz4Q4ffE3ehkX0AUI4QGJILwN1LdjmfH0UVOyUXKHp3i63k4QH2iUfW81TpdoZnprBKmn4nHc8N3Ag7HSLkXYwi8LRSiKBN9uqT_Gbv0TwP3jv7pJZtpYpFaI4n0KDxuxlusOoRpaDyhNsC-uOQ5wmx-pryqiNQL_39DWYFCM_6NGUCwrcmEI2cI2RKtd6i44SGmuXs5iT-7h_bpf6KY0ALvsWKDLHYFsq_nrIE-fDEq6ncAIxpBb0PrHdlm2sx6OFyoi85izKMZiup7AQOuOkmM21vBrPm1W_9KBd9X6l-xoFz5sZ5YPzZrH27XTu0N_grUe88IFQSpPARsCFYEO2-4E91LGQAbwzzWmVCIxLB1nMk8qgLBl5gZxnS4AQEOo3NtpuCNO2H20xqJAQoeKwq0gVrkKPVYP8Jo79shhygnseRNSRwabHHRMsqX8bH7FA3amAu3ZhKh_deJEBmbdHDuMW9XdWaVHvWOJEfu6NAve5VxDAYNia40RE0x0M5ocYHNJgKbZlfs76c6PL7aXBSxGQXWQoHpPpVAJCHYesZJnFxR_orYGYKzaxWloygCVDxJSs0A5NoJe4jQpEtw9AElPge3SXaFZ6K9vM_JoRjdoTFWqf31zRFBlG92J78UB4jHpueGDdk0YfT5uOZ5MO-2TLU3I4sMG6Sek_wew2fVo6r5qzUoXRGyljaSBFKdb1LV9ZD_mfDLN6hP_A2BcLSMOkuAnx55P14rJfDAEjvo4bz8x9nmgHDwnxW2vgST9zwD5-jVgLeUtc0yo7uaxy9ZUq1N8qxQlQdOUrVQ-aVPNfftmnqEEcpwOtCyllEgFYsc02_7Pq-IA-H3i83bbY_ESCEJ1kM_tBMVAxrlUg2epiPlus2hlLyOJTcDI98aeQWJYVVp4IG-txPi1bPZ3OD7uqLszt3S69jafdZeOA0b0GH1KJEf1tK6QQMQnXNKkpCZLW4xpeeyepegRUQCCVWRio3Yf5lpsAL6Ymg69vcJuomgIsYN01KDpXHU8WuzbEYuqGUqUS9eg9q_NtgYzHkDt6OqGkHzlth3JBLiPgPBvxIqyJoiEWzXpqB4iy3D16e6tkG7zaUHG7AjIMwsckXmQe_WMxPmZ_V32JhESoFBj5wy7ixyeLTTzR3oxbFv0fIUviPTYJ1QsYdYrVggOteyt9PTdJgjnHZ8-YCN3ExqieWeIJ3HGK0lehjEENeLclJ6FSJVl62_Ne1gJGYRY8cgTxleFBAJAg9UvDuVVRGYXPJUKPui9ZIkLEEVvF-mq6qgzk0bot2C-InFW_lPbonTFAGsNxYhMvGV6E9dhRcqg-1Kw34FXlp8SOsNVcz_2vgicOtS0hG9g32-tY0OlKB7c-NGz0TNl2aT-dDy745qmonvSbw6aj-oXuSdD5wJ8Vl0sfyqHM3oLmG0qA634DS6csZAhO9DV3NIvSrHJCMnKfnRi-BQSTwokGAP_uvD6YRoh8_4Pj7OekbXMo95cPZWS4VEilWi086KBXDmJW6VrCHJXytrF888Kz_UOAr3DqH6pXvFtdlkds2EDnTTfv9z_hlJUcdEGNYoKxCd66qe_NTanZsOwClKVUQKLPNygPrWIuMk2T6TofDWrS5zRj7XIZpdjUD10-WWCCaUPRcKgyrXGcBzwnIvwd4VOL9jYuh0bGAb3mCP0FoKS6dOwYfWD9voHuXzGIW2asVN7_exrw&cid=CAQSPABygQiD_uZ0Jt1ig9CtJpG8j0gExSRrCb98ypY97ltzpPm0PNRA0DGFzjSYkFDVQXAnxTQERzelEgdAnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14567810932415973000&adk=3690638929&idt=157&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
76460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:01:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame B621
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnsNEk00F29pUn2DKw6YsoHZ3MgrHPYyKDJZbXqM8q6aBQBk7-8Llq4IH65PxTRSwVQZrumy78ud7sGnlQXj68F0fOBA&cry=1&dbm_d=AKAmf-BZP-zOg5qIndok3okbVL9GoU4ikCOib9Zy1JUNdytbGTLSN-9UeITX9AMgazBTQ5zhtK_DS_Uu0zeyicO27wx7l_xFG2YLAezlfGg9nW5Z0WmP_-eRqC2I6WrWZKLEwW5kyguLSTcXu5yOMaXlLTRtcXnraf_7bhiS_5C9ul3bcDUhd46w-TAfubJdWOuctuXUsvYmb5bbneGGaQyfDF1ofCW32n0wAAO_kO_2AkQVplNZaavNUwoq0tEEwc0JJxJr7KjU50mbgIp5Eeik6YLl3rD_E91Ti0areyV3dQ6tpS71qNNBCxSIXPDTLTJuDJeb75Z8xRiV51PWHAoaDqRJE7whZUmu4gGoerbQ6Q9wQlVJibgasYJ08XB0h5t_ErKRCGQixrMkNW6AemDJro_iJSMIFtiq5p_7BT30lclFf8kUjIwK-nY4kYVW76lQGHIk-HkHliV9e4mKmVVQDW01l4x9cjoxjEqrNbwIWqVB82Vkj7C6NFJ76NdBpJrlK7O3m1ZE8PC3eHpH3SWrmjFxKkv6cYZBKbdeDu2KLWQfa-dCA_PQVx3uxdkjxfJbUCEQzyEau5b1sFu29a9ipNKCoasTwXKj1l-reJac6QLLysE56ELFEez8qPbrV4C_NU1Bb7WjTS7HjTjqw3NgB7p3Lxd-2GC4BLWleOZDK4CQujr4yiUipkKUK455V6yC_DoUoMswCH1WHCsLfFUqncDsB7kBWbegzB9pol0_ThLrXguYwwWzFkq9MvE5E62RwqGasaxNMCayTv50fN0OncK0ccyGGtcjb0d7_9qmruZCiLf40sC0H5-ctce6sLILdYjqgUyk3XfEqpp01wSCDO2b5_CavnM1A8wFSh6QMBbIr_KD47U43vrMdOR0y6jJxHTx1u2a-IDeGx2f8lMIsQNkPeBkSAuLCInM8YgaCRQ0EB-oQCrEY5npXQ_daPD9aF-kj63rumx7UHYZTplDqnLnpcfDhHBAvZYIwflCJChFNKYSaWRNGe3ca8ehuoyqgkyaZkGRdNNlikVtu4GyUfeycUh98Ou0ZTwQw7fKWHDrqUmzwqSGdhiGM_0BqXBM8Bg9r-eRuK8D2GScrNH6p2TShYYMEA8f1noQjgQOzcgS_UnQphbz9r3ZsS4SmMiygbl8WnJ2a0vhnSsLAf70nWhuE4nzkucnIB3XGPkZvB6pafimaL5hJd-9YxCAXhviqT8eOkop5cLjK_A5nNyN-zpJBMpcZCg8NZ0pZNb4kMh0lAur6KJt_k363hg7vVte027o2Ls3xCq6tgZKP9Xzq32yFzPe4tLChBttr5h_-JlGpS1VPBRTG2UontP4trj-RgseLjmhm-oVmPqBDb8lk-J5SsQkoitRyytffGFYarxmpifbAJksHgemaV53GlVviXPe-CGjIal4HAqjzNQcOVsETqrTpB0QKHrM8NGJruG3z4NWMuvaiQBgX_FvcsHslSU4tQixJyJS9_K9RQzO40XX3QqEsPQoNWKY-BCLNNWNdCN5CdCvMW4VodcdDPIsvxfhn5gOFd0MygTy_3sEmqd1gk1s0rV9NN4v--eas6_lEG8T7_X2S93CtQlLRMyJCoY3W3tJ6TRRyxsWNMyHeDc4xume4b8jqsuBgO9k_pl3QjsoTk8PvT29S9BPSF-oZTHB18eGhpJkAItPxhkThbwAolg4fw8aq74VA_NvUzi-6oNPh2nFPFnKXxZ_GZmJcN8ZIAYKhN9BGbnMg5EJOuyqXAezfAk2X31pkReRmPawtu9nWz4Q4ffE3ehkX0AUI4QGJILwN1LdjmfH0UVOyUXKHp3i63k4QH2iUfW81TpdoZnprBKmn4nHc8N3Ag7HSLkXYwi8LRSiKBN9uqT_Gbv0TwP3jv7pJZtpYpFaI4n0KDxuxlusOoRpaDyhNsC-uOQ5wmx-pryqiNQL_39DWYFCM_6NGUCwrcmEI2cI2RKtd6i44SGmuXs5iT-7h_bpf6KY0ALvsWKDLHYFsq_nrIE-fDEq6ncAIxpBb0PrHdlm2sx6OFyoi85izKMZiup7AQOuOkmM21vBrPm1W_9KBd9X6l-xoFz5sZ5YPzZrH27XTu0N_grUe88IFQSpPARsCFYEO2-4E91LGQAbwzzWmVCIxLB1nMk8qgLBl5gZxnS4AQEOo3NtpuCNO2H20xqJAQoeKwq0gVrkKPVYP8Jo79shhygnseRNSRwabHHRMsqX8bH7FA3amAu3ZhKh_deJEBmbdHDuMW9XdWaVHvWOJEfu6NAve5VxDAYNia40RE0x0M5ocYHNJgKbZlfs76c6PL7aXBSxGQXWQoHpPpVAJCHYesZJnFxR_orYGYKzaxWloygCVDxJSs0A5NoJe4jQpEtw9AElPge3SXaFZ6K9vM_JoRjdoTFWqf31zRFBlG92J78UB4jHpueGDdk0YfT5uOZ5MO-2TLU3I4sMG6Sek_wew2fVo6r5qzUoXRGyljaSBFKdb1LV9ZD_mfDLN6hP_A2BcLSMOkuAnx55P14rJfDAEjvo4bz8x9nmgHDwnxW2vgST9zwD5-jVgLeUtc0yo7uaxy9ZUq1N8qxQlQdOUrVQ-aVPNfftmnqEEcpwOtCyllEgFYsc02_7Pq-IA-H3i83bbY_ESCEJ1kM_tBMVAxrlUg2epiPlus2hlLyOJTcDI98aeQWJYVVp4IG-txPi1bPZ3OD7uqLszt3S69jafdZeOA0b0GH1KJEf1tK6QQMQnXNKkpCZLW4xpeeyepegRUQCCVWRio3Yf5lpsAL6Ymg69vcJuomgIsYN01KDpXHU8WuzbEYuqGUqUS9eg9q_NtgYzHkDt6OqGkHzlth3JBLiPgPBvxIqyJoiEWzXpqB4iy3D16e6tkG7zaUHG7AjIMwsckXmQe_WMxPmZ_V32JhESoFBj5wy7ixyeLTTzR3oxbFv0fIUviPTYJ1QsYdYrVggOteyt9PTdJgjnHZ8-YCN3ExqieWeIJ3HGK0lehjEENeLclJ6FSJVl62_Ne1gJGYRY8cgTxleFBAJAg9UvDuVVRGYXPJUKPui9ZIkLEEVvF-mq6qgzk0bot2C-InFW_lPbonTFAGsNxYhMvGV6E9dhRcqg-1Kw34FXlp8SOsNVcz_2vgicOtS0hG9g32-tY0OlKB7c-NGz0TNl2aT-dDy745qmonvSbw6aj-oXuSdD5wJ8Vl0sfyqHM3oLmG0qA634DS6csZAhO9DV3NIvSrHJCMnKfnRi-BQSTwokGAP_uvD6YRoh8_4Pj7OekbXMo95cPZWS4VEilWi086KBXDmJW6VrCHJXytrF888Kz_UOAr3DqH6pXvFtdlkds2EDnTTfv9z_hlJUcdEGNYoKxCd66qe_NTanZsOwClKVUQKLPNygPrWIuMk2T6TofDWrS5zRj7XIZpdjUD10-WWCCaUPRcKgyrXGcBzwnIvwd4VOL9jYuh0bGAb3mCP0FoKS6dOwYfWD9voHuXzGIW2asVN7_exrw&cid=CAQSPABygQiD_uZ0Jt1ig9CtJpG8j0gExSRrCb98ypY97ltzpPm0PNRA0DGFzjSYkFDVQXAnxTQERzelEgdAnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14567810932415973000&adk=3690638929&idt=157&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10880
x-xss-protection
0
server
cafe
etag
12570010719352825067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:03:21 GMT
cta-hover.svg
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/cta-hover.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee29fecfaf331e93d4dd4ff92766eb874b8b966b7e3a1a099ad98afe8c96d3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1276
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 15:47:40 GMT
cta.svg
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/cta.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56dbaab92e20e38ee3cff7853f6af50a636b5ab296763c1e479c857562006344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162924
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1277
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 18:00:04 GMT
logo.svg
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
12 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
161f37405c95a2723b85d1887658fbc3f7ea0e38242b85fa6bd3b96abb221933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 20:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68893
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4867
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 20:07:15 GMT
h1.svg
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
19 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/h1.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6626207220a537d31b7562c60e66dd4776d6776c810a86bdd0460843617a024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 05:03:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7143
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 06 May 2024 05:03:35 GMT
bg.svg
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
152 B
161 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/bg.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab6b1c9777228aa7ad49641cf3b11dc7b5ed48f45e4d1bcea4fb02f29fa35385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 19:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 19:02:13 GMT
img.png
s0.2mdn.net/sadbundle/12247220816584491620/ Frame 15D8
31 KB
32 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12247220816584491620/img.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9888bb84d5141cdd58edc42da28eef87beaba438117339a770545d116b0417d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12247220816584491620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 05:03:35 GMT
x-content-type-options
nosniff
age
36713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32240
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:14:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 06 May 2024 05:03:35 GMT
diwan_1-2512.ts
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
448 KB
448 KB
Fetch
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1-2512.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
b728be4236f37f7a222ecb1638a2c1c4d58db7cd8316887b58e3115f72c34631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:28 GMT
Last-Modified
Sun, 07 May 2023 15:15:04 GMT
Server
amazon
ETag
"6457c078-6fe70"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
458352
j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame C6D1
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 14:51:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
87815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 14:51:53 GMT
csi
csi.gstatic.com/ Frame 726C
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lhdk2re5&c=6911857991581&slotId=3455928995790.5&qqid=COHl_-6_4_4CFcjb3godrl0P7w&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=6&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&met.4=atrd.19w&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230503_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4003:c0c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 00B7
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY6KCg5QEwAQ&v=APEucNUpnxb6u3h25pQxOo18JKKDyoDVXWhk0qAAg2T08yAs_6BUnRc4Xg9aPUAkluON8PvjfjhSgf197lLXHDMEiR_lnU6dy3OLMS_JsqXa5jM3rXgfFrKPNsUdwGmNnNQh331ftAEmUILH_kNzu7LrNNt2Jx1SjIVJ7taqC0Hk25nksXiDsYw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F91B
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F91B
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEegbs7JDXZG9wOZ83gqTmDybNcvvV5wk4V2aLNrGZap_ezmmP0J5TS4isurlqXRq00NhC8GYJgny0t44shLmEY3zX8Iqn4pvRg6eOfydSRHRlHko
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F91B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5677650128719709435&x=1&ct=76
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame F91B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame F91B
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame F91B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmPm1pYC9N82RPmbRqfFBF_2FGZJG8t_lNGIMc6JOkdMbJhC21_NAAyJX5gI3wKp3YKKXb3f-xzyIlAxX3kaXw0zSVSg
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F91B
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:28 GMT
33b0d744-cbf9-4b38-b9e2-6584576383c6
https://yalla-shoots.tv/ Frame 44B4
62 KB
0
Other
General
Full URL
blob:https://yalla-shoots.tv/33b0d744-cbf9-4b38-b9e2-6584576383c6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
c
prebid.a-mo.net/a/
0
44 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 07 May 2023 15:15:27 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cdb
bidder.criteo.com/
2 KB
2 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=33824500423
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
841992b410649482f85110789523e62a16e7e679001e274ee3686b264830fcea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 May 2023 15:15:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1630
bid
ap.lijit.com/rtb/
25 B
527 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
40cd1be0f1154397f4caa5a34de9b95512449416f3816543f96a2d7426d6efec

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 May 2023 15:15:28 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
mp.4dex.io/
0
64 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c3a6b249ffb1da4-FRA
expires
0
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
channel
us.web3-lab.com/v1/ Frame 44B4
446 B
721 B
Fetch
General
Full URL
https://us.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dca9375c710c5c1c5a0e5b68d08211393f151f5c1a61a47b3cee64ae29c73b

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLT6XdugM4VbmbYU2KptgORSHDljH6uYjjM%2FoHxnpSozK9rH9VAqd2HqZE7s%2F1au9m47NgCZ2xLTIxc%2FuCNtlUY6SR2rKvRrCKAgj7k52%2FyANwLkrfjeC3pCSoEpNo46gP1bQDwmHfUzbsE%2FdYEJtx%2FBtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7c3a6b24ecc8368b-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
current
dclk-match.dotomi.com/match/bounce/ Frame B16E
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFo0gMZmbG_aqMvg9g1l6n0&google_cver=1&google_push=ATf1kGMZUTilNpzAZI4ljJgcJmkXX3KBKbZjdfiaQ2dOwoWauh0PcKQsmrDwyJC-lF54lAAMDEQTJAaIPzrd6gCc0WFciqMzl_c
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame B16E
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEP9GXy62XPomT6JzOBwZf2I&google_cver=1&google_push=ATf1kGNMOlwZ_DcA32K9KV0Itiq1o0umWdRb-NTb7HL4hyJ1a118sVc5ejOmkE8LM_rWJm5d-ntkiWYQC5sx5wkRZ-amfSrn2Co
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0M2MTI2QjM1NjdGRDhEMQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0M2MTI2QjM1NjdGRDhEMQ==
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0M2MTI2QjM1NjdGRDhEMQ==
date
Sun, 07 May 2023 15:15:28 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame B16E
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENHUBmNIpy_Lo7_SfGkwrf4&google_cver=1&google_push=ATf1kGOnuOqMYSV8A9lGcyjvemPWM1bi9hDC1RzsemFJiRZhwL1XA_we0RdvU4gQnEJIEKqFKd58A4p5wzTWi7uu...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yCaXNk7FRligDtlxOG1aIQ2&google_push=ATf1kGOnuOqMYSV8A9lGcyjvemPWM1bi9hDC1RzsemFJiRZhwL1XA_we0RdvU4gQnEJIEKqFKd58A4p5wzTWi7uuQQ1QtYyuXA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yCaXNk7FRligDtlxOG1aIQ2&google_push=ATf1kGOnuOqMYSV8A9lGcyjvemPWM1bi9hDC1RzsemFJiRZhwL1XA_we0RdvU4gQnEJIEKqFKd58A4p5wzTWi7uuQQ1QtYyuXA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 15:15:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yCaXNk7FRligDtlxOG1aIQ2&google_push=ATf1kGOnuOqMYSV8A9lGcyjvemPWM1bi9hDC1RzsemFJiRZhwL1XA_we0RdvU4gQnEJIEKqFKd58A4p5wzTWi7uuQQ1QtYyuXA
x-host
tde-deliveryengine-production-797dcffc79-8vfcb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame B16E
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_fmyvmu-MQwoSUfQfl-SU&google_cver=1&google_push=ATf1kGNYPsMoGFORpKs4roKZ-zYs_ZdQlvTQI2gTKWmTUJjHIuw2xF_1OXPhcrDi1O6naUk7LC_bvuZHYE4...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNYPsMoGFORpKs4roKZ-zYs_ZdQlvTQI2gTKWmTUJjHIuw2xF_1OXPhcrDi1O6naUk7LC_bvuZHYE4q0VNu41g4SHsJH6c
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNYPsMoGFORpKs4roKZ-zYs_ZdQlvTQI2gTKWmTUJjHIuw2xF_1OXPhcrDi1O6naUk7LC_bvuZHYE4q0VNu41g4SHsJH6c
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNYPsMoGFORpKs4roKZ-zYs_ZdQlvTQI2gTKWmTUJjHIuw2xF_1OXPhcrDi1O6naUk7LC_bvuZHYE4q0VNu41g4SHsJH6c
Date
Sun, 07 May 2023 15:15:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame B16E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENba0PUp1UD-6swQi4-o6iE&google_cver=1&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENba0PUp1UD-6swQi4-o6iE&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1IUgyao5jCLqwUo&google_hm=SXNaaWJWWU9tZW9LYkNtZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1IUgyao5jCLqwUo&google_hm=SXNaaWJWWU9tZW9LYkNtZGdLMms=
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:28 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMH5sOhyhJeJX4dtvvoJH2Zvwqx1Qj5NOj9I6YsquLBc6TH4ebsLAyNZZ6pbYJBrT22qNZHQemG2GgM1IUgyao5jCLqwUo&google_hm=SXNaaWJWWU9tZW9LYkNtZGdLMms=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B16E
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw5OosLW...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-H...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw5OosLWhM-9A
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOIcLInWY29TT-bsorMge30RCYXY8CozqI1zBnuxirLLRAqDy8PYxq4u6fD-u4nvV_jm4rhVVZVVQjiX-Hw5OosLWhM-9A
access-control-allow-origin
*
date
Sun, 07 May 2023 15:15:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
match.sharethrough.com/E4rooAtA/ Frame B16E
0
366 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECNjdzji9vDOcTfyR83Apzk&google_cver=1&google_push=ATf1kGNF6HfRmMNJxxQCtpgZRvnKDz0j1Uvdn0YiWfDJjIcP_-mkX-faJghWew5u1OqdU3K0k7ubY5K07Kk0PUwze-v3yjYBhwj6
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.250.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-250-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B16E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1dH73R2lAVo1QS9R5glDI5EX9f7mNXfRej7ewsiGnAA2Z-_RPB-NJc5Oc57D0-OvY9BTuWw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 69CC
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?VyqTuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F983
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:28 GMT
expires
Sun, 07 May 2023 15:15:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 00B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY6KCg5QEwAQ&v=APEucNUpnxb6u3h25pQxOo18JKKDyoDVXWhk0qAAg2T08yAs_6BUnRc4Xg9aPUAkluON8PvjfjhSgf197lLXHDMEiR_lnU6dy3OLMS_JsqXa5jM3rXgfFrKPNsUdwGmNnNQh331ftAEmUILH_kNzu7LrNNt2Jx1SjIVJ7taqC0Hk25nksXiDsYw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7IHyd9s88qKhB01DdRkqU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 00B7
43 B
75 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY6KCg5QEwAQ&v=APEucNUpnxb6u3h25pQxOo18JKKDyoDVXWhk0qAAg2T08yAs_6BUnRc4Xg9aPUAkluON8PvjfjhSgf197lLXHDMEiR_lnU6dy3OLMS_JsqXa5jM3rXgfFrKPNsUdwGmNnNQh331ftAEmUILH_kNzu7LrNNt2Jx1SjIVJ7taqC0Hk25nksXiDsYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 00B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY6KCg5QEwAQ&v=APEucNUpnxb6u3h25pQxOo18JKKDyoDVXWhk0qAAg2T08yAs_6BUnRc4Xg9aPUAkluON8PvjfjhSgf197lLXHDMEiR_lnU6dy3OLMS_JsqXa5jM3rXgfFrKPNsUdwGmNnNQh331ftAEmUILH_kNzu7LrNNt2Jx1SjIVJ7taqC0Hk25nksXiDsYw
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Sun, 07 May 2023 15:15:28 GMT
pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECRwTL8OVQ3ymZyNZz_Mhpw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 00B7
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY6KCg5QEwAQ&v=APEucNUpnxb6u3h25pQxOo18JKKDyoDVXWhk0qAAg2T08yAs_6BUnRc4Xg9aPUAkluON8PvjfjhSgf197lLXHDMEiR_lnU6dy3OLMS_JsqXa5jM3rXgfFrKPNsUdwGmNnNQh331ftAEmUILH_kNzu7LrNNt2Jx1SjIVJ7taqC0Hk25nksXiDsYw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Sun, 07 May 2023 15:15:28 GMT
pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame 4765
47 KB
12 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:28 GMT
expires
Mon, 06 May 2024 15:15:28 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E248
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlQHJZXYmPA9Dgq_3OLJmLavtFv1Vf0lMKom0ARHCb_DJrrTOU4zTnTcdeWNouqA7oG2hkT7HRYmK-e71tEnCCkU3tT0mhiHWfSzvJfZz5Tkpy4Gy64OQCdA14LumTOQ3h6m3XP0VRKFFFlugZIfqGT_8gK9W4lazQct6lsfNMu-LRqOa759NvYJIgX8Io4CfPaEQB_od_7-mHWXqkfaxDlDRAoECkw0GRmQVY6MXBt89WeMN6YQQqZkpg8OfzapPeJS1ozLUv_QlsGjs4NmQYAlKEXVHWI-79Lli4GhAmkzt08bbS4My94kV4erWYbfpewzNxl2yGQgxF263mlQoI96HEwrVIntXdTER3YX1iUNBeocmOThSMTR0IvC8SoNojik_EP1oyn7y-36vNB-qzeq34AZpMpbWBJy2SAyB0CBS8SPUv-wDffAKaiEFHi6lBD6SdDoFp7LpG0opA7JO4tVxxzKYKdteFvTfKIKRQ2GjePSDBZnjKd5rL3jo1135nx9ucce24oD_BWk0-681gnzyrHoUv-MJyWHPEmuY2qh-GBf0C5NdBW-wKr_AqEBF-MZXZdlC0fi0Fkexiq2IKvqWYG9bWA9y1ssjMaZRRnxnvWgGZXwzPJhUxPK6ZTHGGtGjb95FmwtMSrSbo_m34QDctvWpRt6Hamg3T4dUiyNF7pm4yzEOO20BEwBOEQWT664BG8SubcPZA0qxOg0MufBxf-LY4cekBGlo47wY4dOULgKuKQW8Vnh5cVO-9HAxq3S4CnNUAW8RqhyA2kxBaMbe7okfRsQUu9y-AWANLXKWH68U84_tg9KGIC2hDZgyCE9Iz3OJMWVIRrnIz013tLuhANbdl-yaa7NDcaOCHKRiHoan_2E-M8ekdqrs98toXvatFdMBbUFdSyfjbiYth6iEY0-UrYq5mRt_NWDP7zJGDMdUmXiwWnDhheGdWdk-vPZgmXcPbK75qgGIVeMAC-nqK_4a-TQgCSSKOdvfmappMiGdO3obKU5T3GOna39GuxaOy7UHf6S5P6qiVCYTfrkcEjnblhQZhfuPcnEHVF4WrTT73GRNYYmmuYcZkd1InSbKsnaTCtaxCrahfs5bdORZxjmuxK8koZsqdsPRxWstP5NyjoYLfcPLBCPykaxyzD_-w-7LABrl9xiMwrrvv6_9_1QC1ONwwooBceMOUfMLya8h3uSKHDpl7Q3Xo7fwW4CzYbQlp1pBCf-6UbO-6t2nNzC9ZrnDKIZRVoc9ZOh5hz31UdIFD2883-mkguvJahrr_TxaUMioUjHE_hE1mkD32UwpabCvTtI_26RWlE3n5P9O6Q_ItGUPT&sai=AMfl-YTAGS2tYrDfy3kP0CKiBS4bJzLO3KTYdWwbuoYhG0u7xnLn3c0ZsOKI2TZFrOOEWvJhhqzuy2VA9otC0tXAmM5bSUsf2DmDDQgivEusW_KzHTEBAK0rIibmMpRrs3FmZ79r9-JmJLJ7DsaVdnY0O-5fp2YEaG14om4pHFbKIIR_jTl1ZJKOaK1LmVrXNDHRvaad43Zt1d1meWCORwRP1jLO5tu5mOl6GFgU0nPWd6LGMPv95Yv22hLvSPcuVn7ppG6KBGRHN0embipobw-E7ieaDmRN5ZUM&sig=Cg0ArKJSzF1vvpkr9FknEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=305&cbvp=1&cstd=291&cisv=r20230502.11037&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:28 GMT
728x90.html
s0.2mdn.net/sadbundle/10202089977740236388/ Frame 99DD
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2ec9b7ff4e35b6c1b8a9f4ade556b03d5fa2678e5c08aa9798a4015ba6080d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
84762
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2323
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 15:42:46 GMT
expires
Sun, 05 May 2024 15:42:46 GMT
last-modified
Fri, 20 Jan 2023 22:06:35 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B621
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuCe8CeDth5t0QuXnGs3Qjh-rOEN6vwqgzel4U3zTxZELA1nPCubEOSR_I3H-xFiwefiHh8FZHuT0dbPpimHz6ddppX0nIl-O6N3ObVSVNjQ2ZFXB0vqPgXLA9fkoJcSgHrdOAUKQuJKd8CGPIdNX6wyqdhXwH_RTVyK4mNmseFLrMLZrWwBzRhUJowq7IjgGE9plvDTiep2eE8Q9IGNBVQqbWlPliTIrTMLrnezWcUAtDjy4B-jEfO4u-mAlKj_9ubhraIyidHbyJNfNDgBZQt4MCBtT6KRR1xqeXlyGvwSJUftOBCV8tHeE6eUrvhd-QlTZ-yI6YqGFyhHGZBbHC2yj-yeJdrPp5kLv3yoUUMq_YrXr2Hi4fJe9Vjn1tjB6-9AB8TrkbFKTndzHIaPu3dghIh9yMCPjhsxN_NPtcIZCXNCJ9qbJV1EW_3ZNcuvVR2MvLaHMvTDqjD1Rh563pKY4pn0gcn0j-g3lGOG5C75CIXmiyvdhzelq-L53Wk8ywiP6bvRlPrU-DpgTAE9tIRmSu7B3w0skUCA-tBlZeex0u0ldV4Bvob719Q9PEDgLaHvBvy8la9PvTldF3P4WHYj42ixG6qMmqCppDm2n1Dg9dJNwvh-_QJ9zkrfHE3tGG3nH15PMJ_6g6I2okiH8SwqNcMpNcZ575F4pJVlOE4h5NIG2E1TYC7wOjBMJifCQmV09AEVEiG9NPsPW-hK0yWJyzIC-NaBdOByyS4iR7UKx9pMUfXhxATG_tqZvqt_zs24rCXGtW4khSkAj6B1p8zaXSFYkzvxnznFAqU9AmwZwupTnuQJDlEMsSeyGS0Rv3czhLKHy3R-JKSP4oMI60MRjeaTjpfJIs7fzxIUD2ljQGSbClFT2tJhWDrw5fdkPLPSr2Jl8unpV_SV7dkjomwFCamo6Yv-x2qjAOe0a44nR1-HoVIz5DiluQCKpFVrNdamNYPMK_XBao1C_4OYYUrAxeXAhJ4B_vOfxIeqApUd1nFOrsRsV4SMlAaLjDkw2TRkhU7fBkNM7s1V3Mb6zq2z_QzTQASOTyoSIWnA3ORlvUj6_EMaUvOV-S-oXQ1QLUh2xS2nyD_OXIcHs1cn2wuFovBSbXiE0RuAeN1_OFeceHYpKj6__aGRuKYC4od6YqfLdbscwq99BkFa4y2quMJ9m5IQc24rAo2hqAZSD3PYsnWHxX55WaAm7RULrQMAvXjnmmT-3LK1ITiOJs57V0RmdxsPu9Dss_0A&sai=AMfl-YTkRr1CtCZgEmORMFOBS5jTZovflcD9eqih4GTqdwjkh7aGWOHV4mq7JrAhxCt3fLhdKB-ora9CE1gtd95fnq67AcWjJxBpfmERHxGkNaquDYg3OjHCIRcPpOKCwguUv_ZmdR35nqSIcscC7_6z9FmlGBG6qGGCOYq93Kak7u-zbfCDW0hdcYNyS2TPRIhxewnPyLKQqp9pmTfJufhQ77EYy_kjT4-v9xXK8SWzsWQPlo4_hwf9PHNtH6XSGagCxk-xl4A&sig=Cg0ArKJSzKzb5t_NN3UWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=272&cisv=r20230502.57079&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E248
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B5E3
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72903
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Sun, 07 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E248
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f1f98a399c2114b16df6c438ea674306aae62affbf7d315201d228a85a7eb11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B621
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8753
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72903
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Sun, 07 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4765
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 08:32:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4765
63 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 15:15:28 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 99DD
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Sun, 07 May 2023 15:30:28 GMT
728x90.js
s0.2mdn.net/sadbundle/10202089977740236388/ Frame 99DD
46 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6e099e45effde47e0b018eb99a0b0ba76ab1a5d6f1a819b94d77c066326c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 20:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10197
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 22:06:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 20:56:37 GMT
diwan_1-2512.ts
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
1 B
440 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1-2512.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
5e37305c587caf07e99a08e1efd0749fd3bbbb855752e4d568ac2dbfc2025464

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-0

Response headers

Date
Sun, 07 May 2023 15:15:28 GMT
Last-Modified
Sun, 07 May 2023 15:15:04 GMT
Server
amazon
ETag
"6457c078-6fe70"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/458352
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Content-Length
1
gen_204
pagead2.googlesyndication.com/pagead/ Frame F91B
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6032385284685&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F91B
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6032385284685&version=m202301230201&ct=76&x=1&cor=5677650128719709000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F91B
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLHy9_GY0-Ubx7eNNg6l_VG2EqzoEKBim4Lo32C9rGPEiohOpK7pSfSf9VoqVD39WKgkYul59mOWqbrfgsIpLvg0Tyuw&cry=1&dbm_d=AKAmf-AiQ2lh2EG8bkvtoPf1zizTW1vv_BHh4nz3lbIFYG4lBNaRgp0crNQBbR49asKWIOJTVCDufljkxNUJLckTBqJVc9xcRRfN54LIgTx6PixsIXT8XCgpQucB_UwPK-hbK0KE3mqXuqpY9rtju_VvHl8ODkmcTe6eyLC564MDynyxnFnnMhR5qdaS0_wo4Aqz5u2xxcjbuGqvPIgUwcZWLuHCyNIuFVq6vO2pr8TcsIzQUqLAGxsJXn3ORW6jFzh5Bv_N6WRMxgvut0tVZIfQcE-7lDXg_N1JFf2NTbxIxs3QTMQdu3F88N1J-z2ZDRz9fdgHLqZuA8AuscXVvRJz2UwP_kgQ00VEDtuY-IGjLL-saJo8h8uRKMc3nQYn5oQ88faKbU707FKjGlZgGc38GsCvibPGvJNQH9uHUL5R-GitThOSADgjeombTOj8p7yjM0C4Bjn6cZG1iskF0Ij2JHkwu0mQCPkYt61V5XzZRGqL2wtVm_E0qiaxqWVqQzkYq9HUReCUvgrm64lG4Sk6zpcR4-fvVo23U27zZLLBG0OTIRtaIrwOB6Pt-jUlwcPmsxhQsZBxlHOOpoeoJN0zSrv129QZwk70uNlWEa5Zoq1I8lRmIP3_TPyLwvi_ntCOQ_KOYJVQDSMsOYlaM90iCLUbJCrS2l2V745cXjuO6AFdj03AYwSzaQtm2oJlppvQgdI8qODn7vzzDJdjbqEqKjOAb-kntmlU93NMyO9DuedxaquB6KB1jx3M02p0EgfTiqEtYDZwpazET12vGZUV3yXuC7McR32cgC2pok4j1HV89bUxZzCJLnZ9v4JQa_v4yH2czVV1jYFFTLH2-Ay8CPW7hbztgK_PPw9jbUYHUF-9gDGgNE731kZV3EkYweYm2znwNDrgBiYJnM2tMH1Qi_R3ovqi_ZOT8sK4G0b3YCmEARFNOqlT3I272aOoFg-jFaRBUL_C7Ged-7xt7qPoyGKJ-Op0C3nxLDxp2BiHRX3X1ep_VhObk42jzfwBHlVkzK0jTlF4083ntzq-0ckjSHJqhUUS07RwBhgHbA6o1WFWbJeisUGz3nQQ4s5EKWeJUY0nYjE5dP_avh6ezA1CFM8z_p82loQFafqWjI69iZu4IbAWP3b3zNsOrKpAX_u1BtZvbo40aP81A5ZjoBKUN7UizCB-e2nIWCmr1sUwEBJ-6YzQKsgEjHpJcwlh2cC4GFAHLuXmxTvbsMbzlXy1JeMJ0eUDhbnsq9-yXhmHFrv1lVtuxD1NJ1eFB0GpjPy4eX2bthSs3K6pind5hW2B7FxJhJwP-4d9KPnpzOKDnK8hWQH7bU9PpSZbMJgDdQt3MPaJRmFhisl1ksXTOBE8IR5zTfguc3VnYmkBrwABVHj2CGIAZlbbHLXHR6_O5V04JowUlPY23_DCDj4CRjxDVfOuzDFl_fVZvw78JlXhrt-idE050KW_F309loD8LzkZsWiCWyqEaJ-KX5FiWQeYiFxni4Tpq9Blc4IKwSJS5tUh3_8FS4xl4xnpIE8FVPEM5yNgdEAPRbAqs_E1EUd9fMQdX_WjdSEsb58vi30TvKBkpvsQ0gnWlNxfgl7kO9a02WdNEPJnB_rv6clC5XFmYmEzvsEgyINyPhhz7vlsMokZHqebbrBxoBZqt_c_fTKmmFy3gPGWvtHvOVJRzWaq3vxvo5twfbyIPAI1vyNOr7ml_Qf2zqGdgPzJ9pmKrrVR2qoNSCCJ-_5x7y7DTbAkPN3hOZGkzOMgKYR4-uL83hNygix9PFaF0Cg6ObOvTNFr2x9nUnTD8lhnaAt4TujlfxewO2ULXVSEn4pe7UW8igWxCFCvKy0h9kCTgJIfP8SJ14Dc3581Gu9xFHPcg3dMhtCMGjECQf_zBK62emmanrt9Oc0mbx7yqlrJfyHOwks9GoXcI6wcjFtb0U3JOlA3eYGUK57I_weMAdXG_YVrx_xVOA5q1UBBRybKoeo9SPVntt2VK7MZYe9qhwUb4OK6JmDXrmai0WLVourAAPi_eXjOqasIPuz_VrkwVtoBhj-zXEG5l2pIUSLHDdudWjcB7s5bz37m-ePn4BvSPlW9GIZoZPeEOqkZxTO93zfiQQpUy7xnYg4_m5yhNrl0cTDcUDUnA18iM0lnL13HuLG_ns1nM2l2q472dMKSaEkm7gD41RT1JRSecHWJWPdyW9QD_kgHFW_t9knghBO3XkR2OYiQSeo4KFh7PRwPtzN9uubbDonCabigHaCeZRGGBr9s8jrdjEumLRtWYyJsEJ4rgTVdU4dmu-8QdwoOABHFU3yvSyO1Ii10gnCIlUwu3-NKXfzyNNyWpihPzQXKa2YhxfD3d6AcfwFWJ7jukQt9U_XASOSCvSFfD8XnDYvRzYTyfP9R-xPjND9hH7lfkKhRMfh79vtYGGdd5rLFsIqtWnXDr_R_Fn5fgj5sM780hz7V9mghD0qi3vouHhDFmw-604v0mhNYYOxIMDQFmRjzUW7aaOoEs1pAxjtRRwZRVes4E2FzKC73T3UUYhAR_eyT6oooTilA8BItopym7ra-P-Tootm5d9HmVZCLdB73fsP_SgGI3lB7nayCXfxeWUI5qet-skjkF-3ChzyXX6FbQitGQkIoH21Q0s-CgZd05aV3BmFyYrRf663M1HEYcdZyFBjrzGzJDiGW1nAocD-cRS5P2EkDoHgbaEIZZdlupOaJcri9m0QxSTTaPO9_PAn2D_jxTyCV8rLqh1PAJ5eKZRgg6snB2bZV4cQ8AFXdWgklTsyfMpRnMj386qwyt8ZZs1VSKqL6xxnYoMAL_1ne6Op8Tuhe6Z81YgX8_0Krw4gdOy96dLdLWY87d0Ov1Y5KLDO5BG4Li6uWUYyYnPlVMjqtTSPpCuMOd_c1dXvYRFVXxDIadQN7lTEtOzf1fbhEYBkrUriZERfziJllUhbWXsSQ4FodNC6R-YmRSGV05DH2h_37evbLQk7L_NKjcahG9r0-OKFu1lRwVKJWhRkFpDq-b4URqbDdOxtb7rs8PRXDpJKvaI6bhWZ7IDt0gLK_-BBp9WnISqudXCRxobQ5mhsn_fwyP7k0LNPI6szdbNovKsyFARV7zYCGGyapq870ugRCdI_gNW1IaCdE1lgHekrYvXRTiH7GvcS47e82ZofF7YxW8D-hKJRtTdDEY-RxKIHtgEn_mEm9lSYmFlQJJT1LQl3ejcMScNfMxmk3Qw8UiLJA6A8ZixMV3Rsfd9owNYg4GTXeQNLIDU_rnoZfMl2kffO9Zc1sjxLBBVwwED53w_BeF6ELNDTZp_jlpNNHgkPxxJOIZqmUMUKQSZiRhmMowStnuMYWQjSfDP4mtiUU2ojSJWPzGMwRuBcutQS7CSKSMjDDc6bVrGajlr9kggD6fRbGmO3NSPok2o5nGRDWGZkG5Ee5uHOFm2cTN4DRZNz0Y6taIDMxmRwJmzErRu3zG5MACuqena38XFgSlAT8O1nSe_Y1XCfYpCAbe1PMrajc8c77JuU&cid=CAQSPABygQiDXibmHz8rfOreoTdVS2LvDEfpTFBcGZMLCEGvIS7vX7RtcXWi8lVlgHd72_ULsluXJVtmib39sRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=5677650128719709000&adk=1033480531&idt=185&cac=0&dtd=40
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21a9fae1cb648ca37f07b210ecaae52801830a7e0b29531b46d10f78095136ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35763
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
384 B
160 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=731725095462800&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=22&adks=144802732&didk=333890768&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1683472527902-0%26hb_r_id%3D238d17f7d92cb18e%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D251108c6b4f52e2c%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472528544&lmt=1683472524&dlt=1683472524875&idt=554&adxs=-160&adys=310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCvhZUc_4w9BUO9KNe10o7IqK-mXyr0t-9tO_vf027LK7-Bs__qs4Fh4qbbML9s1ES-yBT7jz1fuFxD8N5oIIILmnG7w%2CABHeCvhUPINZfGG5oiz1Ne5ysFbv4QNpZuuOnpkNBpsCkUqQHjo32y85EkXlUkrBlR8Cn--YM0acskjoLhKE2_Mzrcqio_U%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvgCi7DXl9UxSt2RxE2tyD9K2O9jqp61PBg4PljINncTcsiRUVGPZPdBtx_W5hks7tUZC029NQ6kNC47yLzEwCvjd5Y%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53bc9a5f2381ef0d09e18771b7178b1bddbd47fc86a1202f74f9ccef186f54f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7500
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuj74haCtWxPFiyIrfSdffEwBshc55moQ-UFXGE8IeKjNbQlDII0xb0K7X-6fnNYhLxMkVSFNg4aTI8PBT6m17FvC3PbR0coD7fQE9f8CIEk52iwljj4qSYZu3k630jXNkla2qatsnZ0GqtJKX9dWcCYt16KBmH4e2oxwcfktXy9GEw2o3jpXlJbigoJ7-7q38-i4Qo8zBhA35pD69ammjwlN3sPSZ0Ny-1e5OXRN6HthoDExgJVDVLDAryhGxeUpHRuubuJHefyHnZIrORFVNnxDK7UdQOiKObr0b3DdASByiW0QE0J1Ah-mXtEV3vwGgIfi0zrrGaQkS8SPmc&sai=AMfl-YQ1_U4hFgjHr_W5pWEMGgzxopwDe9QGaC6kQZOk2GotBh_YGVuZfI_X09G903rwPY29Hr0Okx8ZkeaIFmW53UtvtCzoZn48Bo_lZ4kqNMjQuq_6DCOCoDDyt9pmJyc&sig=Cg0ArKJSzMf6Tbv3JzI2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
outbrain.js
widgets.outbrain.com/ Frame 7500
199 KB
72 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa7655097dccadd5a2a8bba69c6f25b8d1d61adcbf87206dfb7a80605df9ef77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
last-modified
Sun, 07 May 2023 06:50:33 GMT
etag
"14-GSQJyQqk/xzDFml4Su7/MK338jw"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
89efa2372e99df7bad0688060d125bab
timing-allow-origin
*, *
content-length
72823
access-control-request-headers
X-OB-STG,X-OB-PRD
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7500
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:28 GMT
truncated
/ Frame 7500
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13690075183f5c5e4f107e6cb08ced69e40a7f374851a375c5014d729dedae07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsHq5,pingTime:0,time:2144,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:2143%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:2143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2133~0,1~100%5D,as:%5B2134~970.250%5D%7D%7D,%7Bsl:i,t:2143,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2133~0,1~100%5D,as:%5B2134~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:286,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sis:693%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EAB
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2543424880906&version=m202301230201&ct=76&x=1&cor=2437182027386386400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 39A7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLAAqrglhZ3t1Gm60MENoxW48qC6waBLeZV0TDm8VJLy4aC879lAW6pQ99ozRdmzzbrcjg75twFE-YEGXtxRkbpy1D52GgWJ2RbGo3_0v9uvCymn4zjFjuFK6xMlw2Ba7_SGlH6A&sai=AMfl-YQHOAmseKLfUN2fUZFHE7pdJWAMLbXO56vdWWVNkNN61QwND0is20CImE_rVqtuKtuMI9KQ0Y-VdixT3WOlhoZeqf87srnU08jR_fDEh6X4hNuaEWtN1Rx4GNXSpYkUVges-Upxv15otS6z6Q&sig=Cg0ArKJSzKk-0MTbGjCyEAE&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&id=lidar2&mcvt=1246&p=710,263,928,524.5&mtos=1246,1246,1246,1246,1246&tos=1246,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472526117&rpt=1411&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 39A7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn69MhRGfkwow2Hd09vWjAJAaNyQPooO3eJi5rXDqLqCRd8IbFurbnZVT-vy7bat7lGj-x7T-BB-uwIiO9qGGsAEs&sig=Cg0ArKJSzKiENCuCCs0yEAE&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&id=lidar2&mcvt=1249&p=30,272,248,533.5&mtos=1249,1249,1249,1249,1249&tos=1249,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472526117&rpt=1415&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 39A7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD7YtMHwTyQPAH9mxgurpqFYZZfkIk4fQuKLqAwz0Ixbm7LgatiMBTuOD1zXvypFyaoeC_RJb5mgx8GZMcsnDQ5bs&sig=Cg0ArKJSzBDxK535hdB6EAE&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&id=lidar2&mcvt=1253&p=30,543,248,804.5&mtos=1253,1253,1253,1253,1253&tos=1253,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472526117&rpt=1418&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 39A7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufh08ibB8jYyHJP6oP1mbUN_dHBkgapdciF2HDDHpHVcQlhRriMWAve1Bb9QdrLHMbA3GbUNzD8LoOcDRqfcOWINE&sig=Cg0ArKJSzG8NFgVp6anuEAE&cid=CAQSTABygQiDvS2np0jBQZym5MUwgNNy_iAnuHDa-X06SVc7_inBlvKW3hesXj4p3qIMNSQXVoh7NZeARS25_LSZL5to73GRTu5DS6KS-mwYAQ&id=lidar2&mcvt=1256&p=30,813,248,1074.5&mtos=1256,1256,1256,1256,1256&tos=1256,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472526117&rpt=1424&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EAB
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsss8l_nOOwV1RwxddhC7MStUr8PAWMPm7FcbtC9ep6gOtPXu_yLEQeV4op4RWC1leLDgbC5gjMaJB8IGkoA0pj6POCkVT-60MB97aqtqXYcVSPGx8CFFBwG8vllKUuhj4F-yQOJmzw&sai=AMfl-YTS7J5EUSwKovbXRI226I8AR7U61biZVqmASIteyQrwU9rWE5dcQOND9A4-xp7ZY21wGdlMi0ML0JFu0VaHnSwNwNGrxGG6_AASPA-49W4_MWdbk_H6eY9AswEj-fE&sig=Cg0ArKJSzL9_IgBqmV0iEAE&cid=CAQSPgBygQiD7tQ4j5N3su8Fdei-E_uF2WlX_1tCcyr083Sh9g8bohwo4C65Zp3WSPPonKNf9mNyS8LYL-VW-fSvGAE&id=lidar2&mcvt=1259&p=0,0,254,970&mtos=0,1259,1259,1259,1259&tos=0,1259,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1304860571&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472526091&rpt=1483&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E570
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame B5E3
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFo0gMZmbG_aqMvg9g1l6n0&google_cver=1&google_push=ATf1kGOVwgmZHQc5nxLgkZLVTGhT2QTwQakzulWejQ0H9Xm6bEwYcx_XIEpZlVewn7szVWbDi5EXRzIVdM5JVw1NyabqnSO1DaSfJIsGxQw0KptmCPVGb0_E5uLppsKdKSsyFWNoxZ1hTPnw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame B5E3
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELsB8VVpKyCn7ntuX3ecE6A&google_cver=1&google_push=ATf1kGMYCLvXhujvz7Z0TeCWQAJ9F6ujeMzh1yJ7Itn1KFYiMNln7wLvS1lBl29YCa1VQiuSRs7ffhPSuPK0uPDTAmHMdmYqnyO5kEDkay6YcdkPTleN-K4R8IBvCuQXwSt5pxhxHSW_vVU
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B5E3
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_fmyvmu-MQwoSUfQfl-SU&google_cver=1&google_push=ATf1kGNWd7ReSkfp1c0rNiisRVssiVpD_PFl00vc6QC9-MA74nynTTV6LmUtVWkMAjBC0iLBNPiP1ZcdP0n...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNWd7ReSkfp1c0rNiisRVssiVpD_PFl00vc6QC9-MA74nynTTV6LmUtVWkMAjBC0iLBNPiP1ZcdP0nvQuJFY5P3y8ouJteENkJK7nh7sDJ82jfOsbGoM7gNCjON6dSvkXSN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNWd7ReSkfp1c0rNiisRVssiVpD_PFl00vc6QC9-MA74nynTTV6LmUtVWkMAjBC0iLBNPiP1ZcdP0nvQuJFY5P3y8ouJteENkJK7nh7sDJ82jfOsbGoM7gNCjON6dSvkXSNl9sAMus
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGNWd7ReSkfp1c0rNiisRVssiVpD_PFl00vc6QC9-MA74nynTTV6LmUtVWkMAjBC0iLBNPiP1ZcdP0nvQuJFY5P3y8ouJteENkJK7nh7sDJ82jfOsbGoM7gNCjON6dSvkXSNl9sAMus
Date
Sun, 07 May 2023 15:15:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
us
sync.go.sonobi.com/ Frame B5E3
0
498 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGOPDGy2kvoRC8C-V24koUa04Z7A94dHYtgKsE8HL6p6PEGSgwNN3-PC9DSS8I04jXAe9USxkPZ-C-cNWEr0-rudtSsSiwX0ruqH3tPKO3tdEw5NSLoO_7iA731CmfihvAg11T-fsuHn%26google_hm%3D%5BUID%5D&google_gid=CAESENmVCgdf_PyS1shpaNttJdA&google_cver=1
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-79
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5E3
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFGK5-71Qya-tEno1a81uxI&google_cver=1&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTVlyQ5QZjR907zivelWdS65tXJaorX80LXpEh565mo41JKC...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTVlyQ5QZjR907zivelWdS65tXJaorX80LXpEh565mo41JKCQ17yr_0F42j3a1D6i517tD&google_hm=WkZmQWtjQ281dWdBQUwxU2suMEFBQUFB
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 07 May 2023 15:15:29 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEFGK5-71Qya-tEno1a81uxI&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTVlyQ5QZjR907zivelWdS65tXJaorX80LXpEh565mo41JKCQ17yr_0F42j3a1D6i517tD&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZFfAkcCo5ugAAL1Sk.0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40193"}
X-SO-Key
ZFfAkcCo5ugAAL1Sk.0AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40193
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOTU0LX6alwumIA11RrPr51WyQrAyA-GKkdCtVof0GXzTJWAfoIN53a7l4J0E5Hk2cYhrwTVlyQ5QZjR907zivelWdS65tXJaorX80LXpEh565mo41JKCQ17yr_0F42j3a1D6i517tD&google_hm=WkZmQWtjQ281dWdBQUwxU2suMEFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40193.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
80
Content-Length
0
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-IP
185.213.155.143
/
onetag-sys.com/match/ Frame B5E3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKw9Va674s79Xfsb-I84Ep8&google_cver=1&google_push=ATf1kGOYXwP_zyhiwHcyzTMyhttoSV6rEwNhe4NZ3E0QLd0s9CyZFUa5Hs9Z60RkrF_gZv2pEQfPjqm66vK...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOYXwP_zyhiwHcyzTMyhttoSV6rEwNhe4NZ3E0QLd0s9CyZFUa5Hs9Z60RkrF_gZv2pEQfPjqm66vKh8I5wbkVklle88yOkxrKlOM1b3lYzwOh4JeYM...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5E3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEA6X5SFzbfHRGqwEQIMgAMM&google_cver=1&google_push=ATf1kGMTjiEmT8niGgfuhxOKZex_hPrji_dIg44_hritK7Pp7yah5AQnFYXiVTgm9UcADY_hktaGg...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMTjiEmT8niGgfuhxOKZex_hPrji_dIg44_hritK7Pp7yah5AQnFYXiVTgm9UcADY_hktaGgRiLy4iL3Zce2OnbgIzS7NFQzC7PRjA68mK4_0ft3LXqRDkgm9P...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMTjiEmT8niGgfuhxOKZex_hPrji_dIg44_hritK7Pp7yah5AQnFYXiVTgm9UcADY_hktaGgRiLy4iL3Zce2OnbgIzS7NFQzC7PRjA68mK4_0ft3LXqRDkgm9P5Ml7yTaSGu-ksTTIipg&google_hm=SXNaaWJWWU9tZW9LYkNtZGdLMms=
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMTjiEmT8niGgfuhxOKZex_hPrji_dIg44_hritK7Pp7yah5AQnFYXiVTgm9UcADY_hktaGgRiLy4iL3Zce2OnbgIzS7NFQzC7PRjA68mK4_0ft3LXqRDkgm9P5Ml7yTaSGu-ksTTIipg&google_hm=SXNaaWJWWU9tZW9LYkNtZGdLMms=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
286
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B5E3
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ie9pZzwPKrkjCfwopO8Yek3khY9DeqwFOzRNNhoEsIGFkO8SFBK6cRr-mm3rxAxT2u_v__Ijo
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 May 2023 15:15:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D54
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3244647449349&version=m202301230201&ct=76&x=1&cor=8197688588119540000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F91B
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame F91B
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLHy9_GY0-Ubx7eNNg6l_VG2EqzoEKBim4Lo32C9rGPEiohOpK7pSfSf9VoqVD39WKgkYul59mOWqbrfgsIpLvg0Tyuw&cry=1&dbm_d=AKAmf-AiQ2lh2EG8bkvtoPf1zizTW1vv_BHh4nz3lbIFYG4lBNaRgp0crNQBbR49asKWIOJTVCDufljkxNUJLckTBqJVc9xcRRfN54LIgTx6PixsIXT8XCgpQucB_UwPK-hbK0KE3mqXuqpY9rtju_VvHl8ODkmcTe6eyLC564MDynyxnFnnMhR5qdaS0_wo4Aqz5u2xxcjbuGqvPIgUwcZWLuHCyNIuFVq6vO2pr8TcsIzQUqLAGxsJXn3ORW6jFzh5Bv_N6WRMxgvut0tVZIfQcE-7lDXg_N1JFf2NTbxIxs3QTMQdu3F88N1J-z2ZDRz9fdgHLqZuA8AuscXVvRJz2UwP_kgQ00VEDtuY-IGjLL-saJo8h8uRKMc3nQYn5oQ88faKbU707FKjGlZgGc38GsCvibPGvJNQH9uHUL5R-GitThOSADgjeombTOj8p7yjM0C4Bjn6cZG1iskF0Ij2JHkwu0mQCPkYt61V5XzZRGqL2wtVm_E0qiaxqWVqQzkYq9HUReCUvgrm64lG4Sk6zpcR4-fvVo23U27zZLLBG0OTIRtaIrwOB6Pt-jUlwcPmsxhQsZBxlHOOpoeoJN0zSrv129QZwk70uNlWEa5Zoq1I8lRmIP3_TPyLwvi_ntCOQ_KOYJVQDSMsOYlaM90iCLUbJCrS2l2V745cXjuO6AFdj03AYwSzaQtm2oJlppvQgdI8qODn7vzzDJdjbqEqKjOAb-kntmlU93NMyO9DuedxaquB6KB1jx3M02p0EgfTiqEtYDZwpazET12vGZUV3yXuC7McR32cgC2pok4j1HV89bUxZzCJLnZ9v4JQa_v4yH2czVV1jYFFTLH2-Ay8CPW7hbztgK_PPw9jbUYHUF-9gDGgNE731kZV3EkYweYm2znwNDrgBiYJnM2tMH1Qi_R3ovqi_ZOT8sK4G0b3YCmEARFNOqlT3I272aOoFg-jFaRBUL_C7Ged-7xt7qPoyGKJ-Op0C3nxLDxp2BiHRX3X1ep_VhObk42jzfwBHlVkzK0jTlF4083ntzq-0ckjSHJqhUUS07RwBhgHbA6o1WFWbJeisUGz3nQQ4s5EKWeJUY0nYjE5dP_avh6ezA1CFM8z_p82loQFafqWjI69iZu4IbAWP3b3zNsOrKpAX_u1BtZvbo40aP81A5ZjoBKUN7UizCB-e2nIWCmr1sUwEBJ-6YzQKsgEjHpJcwlh2cC4GFAHLuXmxTvbsMbzlXy1JeMJ0eUDhbnsq9-yXhmHFrv1lVtuxD1NJ1eFB0GpjPy4eX2bthSs3K6pind5hW2B7FxJhJwP-4d9KPnpzOKDnK8hWQH7bU9PpSZbMJgDdQt3MPaJRmFhisl1ksXTOBE8IR5zTfguc3VnYmkBrwABVHj2CGIAZlbbHLXHR6_O5V04JowUlPY23_DCDj4CRjxDVfOuzDFl_fVZvw78JlXhrt-idE050KW_F309loD8LzkZsWiCWyqEaJ-KX5FiWQeYiFxni4Tpq9Blc4IKwSJS5tUh3_8FS4xl4xnpIE8FVPEM5yNgdEAPRbAqs_E1EUd9fMQdX_WjdSEsb58vi30TvKBkpvsQ0gnWlNxfgl7kO9a02WdNEPJnB_rv6clC5XFmYmEzvsEgyINyPhhz7vlsMokZHqebbrBxoBZqt_c_fTKmmFy3gPGWvtHvOVJRzWaq3vxvo5twfbyIPAI1vyNOr7ml_Qf2zqGdgPzJ9pmKrrVR2qoNSCCJ-_5x7y7DTbAkPN3hOZGkzOMgKYR4-uL83hNygix9PFaF0Cg6ObOvTNFr2x9nUnTD8lhnaAt4TujlfxewO2ULXVSEn4pe7UW8igWxCFCvKy0h9kCTgJIfP8SJ14Dc3581Gu9xFHPcg3dMhtCMGjECQf_zBK62emmanrt9Oc0mbx7yqlrJfyHOwks9GoXcI6wcjFtb0U3JOlA3eYGUK57I_weMAdXG_YVrx_xVOA5q1UBBRybKoeo9SPVntt2VK7MZYe9qhwUb4OK6JmDXrmai0WLVourAAPi_eXjOqasIPuz_VrkwVtoBhj-zXEG5l2pIUSLHDdudWjcB7s5bz37m-ePn4BvSPlW9GIZoZPeEOqkZxTO93zfiQQpUy7xnYg4_m5yhNrl0cTDcUDUnA18iM0lnL13HuLG_ns1nM2l2q472dMKSaEkm7gD41RT1JRSecHWJWPdyW9QD_kgHFW_t9knghBO3XkR2OYiQSeo4KFh7PRwPtzN9uubbDonCabigHaCeZRGGBr9s8jrdjEumLRtWYyJsEJ4rgTVdU4dmu-8QdwoOABHFU3yvSyO1Ii10gnCIlUwu3-NKXfzyNNyWpihPzQXKa2YhxfD3d6AcfwFWJ7jukQt9U_XASOSCvSFfD8XnDYvRzYTyfP9R-xPjND9hH7lfkKhRMfh79vtYGGdd5rLFsIqtWnXDr_R_Fn5fgj5sM780hz7V9mghD0qi3vouHhDFmw-604v0mhNYYOxIMDQFmRjzUW7aaOoEs1pAxjtRRwZRVes4E2FzKC73T3UUYhAR_eyT6oooTilA8BItopym7ra-P-Tootm5d9HmVZCLdB73fsP_SgGI3lB7nayCXfxeWUI5qet-skjkF-3ChzyXX6FbQitGQkIoH21Q0s-CgZd05aV3BmFyYrRf663M1HEYcdZyFBjrzGzJDiGW1nAocD-cRS5P2EkDoHgbaEIZZdlupOaJcri9m0QxSTTaPO9_PAn2D_jxTyCV8rLqh1PAJ5eKZRgg6snB2bZV4cQ8AFXdWgklTsyfMpRnMj386qwyt8ZZs1VSKqL6xxnYoMAL_1ne6Op8Tuhe6Z81YgX8_0Krw4gdOy96dLdLWY87d0Ov1Y5KLDO5BG4Li6uWUYyYnPlVMjqtTSPpCuMOd_c1dXvYRFVXxDIadQN7lTEtOzf1fbhEYBkrUriZERfziJllUhbWXsSQ4FodNC6R-YmRSGV05DH2h_37evbLQk7L_NKjcahG9r0-OKFu1lRwVKJWhRkFpDq-b4URqbDdOxtb7rs8PRXDpJKvaI6bhWZ7IDt0gLK_-BBp9WnISqudXCRxobQ5mhsn_fwyP7k0LNPI6szdbNovKsyFARV7zYCGGyapq870ugRCdI_gNW1IaCdE1lgHekrYvXRTiH7GvcS47e82ZofF7YxW8D-hKJRtTdDEY-RxKIHtgEn_mEm9lSYmFlQJJT1LQl3ejcMScNfMxmk3Qw8UiLJA6A8ZixMV3Rsfd9owNYg4GTXeQNLIDU_rnoZfMl2kffO9Zc1sjxLBBVwwED53w_BeF6ELNDTZp_jlpNNHgkPxxJOIZqmUMUKQSZiRhmMowStnuMYWQjSfDP4mtiUU2ojSJWPzGMwRuBcutQS7CSKSMjDDc6bVrGajlr9kggD6fRbGmO3NSPok2o5nGRDWGZkG5Ee5uHOFm2cTN4DRZNz0Y6taIDMxmRwJmzErRu3zG5MACuqena38XFgSlAT8O1nSe_Y1XCfYpCAbe1PMrajc8c77JuU&cid=CAQSPABygQiDXibmHz8rfOreoTdVS2LvDEfpTFBcGZMLCEGvIS7vX7RtcXWi8lVlgHd72_ULsluXJVtmib39sRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=5677650128719709000&adk=1033480531&idt=185&cac=0&dtd=40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
76461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:01:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame F91B
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLHy9_GY0-Ubx7eNNg6l_VG2EqzoEKBim4Lo32C9rGPEiohOpK7pSfSf9VoqVD39WKgkYul59mOWqbrfgsIpLvg0Tyuw&cry=1&dbm_d=AKAmf-AiQ2lh2EG8bkvtoPf1zizTW1vv_BHh4nz3lbIFYG4lBNaRgp0crNQBbR49asKWIOJTVCDufljkxNUJLckTBqJVc9xcRRfN54LIgTx6PixsIXT8XCgpQucB_UwPK-hbK0KE3mqXuqpY9rtju_VvHl8ODkmcTe6eyLC564MDynyxnFnnMhR5qdaS0_wo4Aqz5u2xxcjbuGqvPIgUwcZWLuHCyNIuFVq6vO2pr8TcsIzQUqLAGxsJXn3ORW6jFzh5Bv_N6WRMxgvut0tVZIfQcE-7lDXg_N1JFf2NTbxIxs3QTMQdu3F88N1J-z2ZDRz9fdgHLqZuA8AuscXVvRJz2UwP_kgQ00VEDtuY-IGjLL-saJo8h8uRKMc3nQYn5oQ88faKbU707FKjGlZgGc38GsCvibPGvJNQH9uHUL5R-GitThOSADgjeombTOj8p7yjM0C4Bjn6cZG1iskF0Ij2JHkwu0mQCPkYt61V5XzZRGqL2wtVm_E0qiaxqWVqQzkYq9HUReCUvgrm64lG4Sk6zpcR4-fvVo23U27zZLLBG0OTIRtaIrwOB6Pt-jUlwcPmsxhQsZBxlHOOpoeoJN0zSrv129QZwk70uNlWEa5Zoq1I8lRmIP3_TPyLwvi_ntCOQ_KOYJVQDSMsOYlaM90iCLUbJCrS2l2V745cXjuO6AFdj03AYwSzaQtm2oJlppvQgdI8qODn7vzzDJdjbqEqKjOAb-kntmlU93NMyO9DuedxaquB6KB1jx3M02p0EgfTiqEtYDZwpazET12vGZUV3yXuC7McR32cgC2pok4j1HV89bUxZzCJLnZ9v4JQa_v4yH2czVV1jYFFTLH2-Ay8CPW7hbztgK_PPw9jbUYHUF-9gDGgNE731kZV3EkYweYm2znwNDrgBiYJnM2tMH1Qi_R3ovqi_ZOT8sK4G0b3YCmEARFNOqlT3I272aOoFg-jFaRBUL_C7Ged-7xt7qPoyGKJ-Op0C3nxLDxp2BiHRX3X1ep_VhObk42jzfwBHlVkzK0jTlF4083ntzq-0ckjSHJqhUUS07RwBhgHbA6o1WFWbJeisUGz3nQQ4s5EKWeJUY0nYjE5dP_avh6ezA1CFM8z_p82loQFafqWjI69iZu4IbAWP3b3zNsOrKpAX_u1BtZvbo40aP81A5ZjoBKUN7UizCB-e2nIWCmr1sUwEBJ-6YzQKsgEjHpJcwlh2cC4GFAHLuXmxTvbsMbzlXy1JeMJ0eUDhbnsq9-yXhmHFrv1lVtuxD1NJ1eFB0GpjPy4eX2bthSs3K6pind5hW2B7FxJhJwP-4d9KPnpzOKDnK8hWQH7bU9PpSZbMJgDdQt3MPaJRmFhisl1ksXTOBE8IR5zTfguc3VnYmkBrwABVHj2CGIAZlbbHLXHR6_O5V04JowUlPY23_DCDj4CRjxDVfOuzDFl_fVZvw78JlXhrt-idE050KW_F309loD8LzkZsWiCWyqEaJ-KX5FiWQeYiFxni4Tpq9Blc4IKwSJS5tUh3_8FS4xl4xnpIE8FVPEM5yNgdEAPRbAqs_E1EUd9fMQdX_WjdSEsb58vi30TvKBkpvsQ0gnWlNxfgl7kO9a02WdNEPJnB_rv6clC5XFmYmEzvsEgyINyPhhz7vlsMokZHqebbrBxoBZqt_c_fTKmmFy3gPGWvtHvOVJRzWaq3vxvo5twfbyIPAI1vyNOr7ml_Qf2zqGdgPzJ9pmKrrVR2qoNSCCJ-_5x7y7DTbAkPN3hOZGkzOMgKYR4-uL83hNygix9PFaF0Cg6ObOvTNFr2x9nUnTD8lhnaAt4TujlfxewO2ULXVSEn4pe7UW8igWxCFCvKy0h9kCTgJIfP8SJ14Dc3581Gu9xFHPcg3dMhtCMGjECQf_zBK62emmanrt9Oc0mbx7yqlrJfyHOwks9GoXcI6wcjFtb0U3JOlA3eYGUK57I_weMAdXG_YVrx_xVOA5q1UBBRybKoeo9SPVntt2VK7MZYe9qhwUb4OK6JmDXrmai0WLVourAAPi_eXjOqasIPuz_VrkwVtoBhj-zXEG5l2pIUSLHDdudWjcB7s5bz37m-ePn4BvSPlW9GIZoZPeEOqkZxTO93zfiQQpUy7xnYg4_m5yhNrl0cTDcUDUnA18iM0lnL13HuLG_ns1nM2l2q472dMKSaEkm7gD41RT1JRSecHWJWPdyW9QD_kgHFW_t9knghBO3XkR2OYiQSeo4KFh7PRwPtzN9uubbDonCabigHaCeZRGGBr9s8jrdjEumLRtWYyJsEJ4rgTVdU4dmu-8QdwoOABHFU3yvSyO1Ii10gnCIlUwu3-NKXfzyNNyWpihPzQXKa2YhxfD3d6AcfwFWJ7jukQt9U_XASOSCvSFfD8XnDYvRzYTyfP9R-xPjND9hH7lfkKhRMfh79vtYGGdd5rLFsIqtWnXDr_R_Fn5fgj5sM780hz7V9mghD0qi3vouHhDFmw-604v0mhNYYOxIMDQFmRjzUW7aaOoEs1pAxjtRRwZRVes4E2FzKC73T3UUYhAR_eyT6oooTilA8BItopym7ra-P-Tootm5d9HmVZCLdB73fsP_SgGI3lB7nayCXfxeWUI5qet-skjkF-3ChzyXX6FbQitGQkIoH21Q0s-CgZd05aV3BmFyYrRf663M1HEYcdZyFBjrzGzJDiGW1nAocD-cRS5P2EkDoHgbaEIZZdlupOaJcri9m0QxSTTaPO9_PAn2D_jxTyCV8rLqh1PAJ5eKZRgg6snB2bZV4cQ8AFXdWgklTsyfMpRnMj386qwyt8ZZs1VSKqL6xxnYoMAL_1ne6Op8Tuhe6Z81YgX8_0Krw4gdOy96dLdLWY87d0Ov1Y5KLDO5BG4Li6uWUYyYnPlVMjqtTSPpCuMOd_c1dXvYRFVXxDIadQN7lTEtOzf1fbhEYBkrUriZERfziJllUhbWXsSQ4FodNC6R-YmRSGV05DH2h_37evbLQk7L_NKjcahG9r0-OKFu1lRwVKJWhRkFpDq-b4URqbDdOxtb7rs8PRXDpJKvaI6bhWZ7IDt0gLK_-BBp9WnISqudXCRxobQ5mhsn_fwyP7k0LNPI6szdbNovKsyFARV7zYCGGyapq870ugRCdI_gNW1IaCdE1lgHekrYvXRTiH7GvcS47e82ZofF7YxW8D-hKJRtTdDEY-RxKIHtgEn_mEm9lSYmFlQJJT1LQl3ejcMScNfMxmk3Qw8UiLJA6A8ZixMV3Rsfd9owNYg4GTXeQNLIDU_rnoZfMl2kffO9Zc1sjxLBBVwwED53w_BeF6ELNDTZp_jlpNNHgkPxxJOIZqmUMUKQSZiRhmMowStnuMYWQjSfDP4mtiUU2ojSJWPzGMwRuBcutQS7CSKSMjDDc6bVrGajlr9kggD6fRbGmO3NSPok2o5nGRDWGZkG5Ee5uHOFm2cTN4DRZNz0Y6taIDMxmRwJmzErRu3zG5MACuqena38XFgSlAT8O1nSe_Y1XCfYpCAbe1PMrajc8c77JuU&cid=CAQSPABygQiDXibmHz8rfOreoTdVS2LvDEfpTFBcGZMLCEGvIS7vX7RtcXWi8lVlgHd72_ULsluXJVtmib39sRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=5677650128719709000&adk=1033480531&idt=185&cac=0&dtd=40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10880
x-xss-protection
0
server
cafe
etag
12570010719352825067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:03:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 115F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 8753
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJWHJ0f_3kDNBTv6wkMYN-Q&google_cver=1&google_push=ATf1kGOB7BJvA6FzyTCNHFgFuUbtxONmLzseieXs87xls9g6sZ6_W_gF0etI_dry_fWJvosY8dxZWlbldEny39uD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOB7BJvA6FzyTCNHFgFuUbtxONmLzseieXs87xls9g6sZ6_W_gF0etI_dry_fWJvosY8dxZWlbldEny39uDXV1QjV9zX0Y
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOB7BJvA6FzyTCNHFgFuUbtxONmLzseieXs87xls9g6sZ6_W_gF0etI_dry_fWJvosY8dxZWlbldEny39uDXV1QjV9zX0Y
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 15:15:29 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOB7BJvA6FzyTCNHFgFuUbtxONmLzseieXs87xls9g6sZ6_W_gF0etI_dry_fWJvosY8dxZWlbldEny39uDXV1QjV9zX0Y
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
x-status
O1
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 May 2023 15:15:28 GMT
i.match
s.tribalfusion.com/z/ Frame 8753
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no...
43 B
418 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c3a6b2c1d5c2c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
19
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPGpDRMYZNrYz5z8PeF07MKVFnwz_hkD-HDdMEoR2AaY7_HSD1kIcRXHyxsR8Ui7h4alkhIG1ECk_jWdT-G6PVmiWOP6no%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c3a6b2a6b212c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8753
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JeidWJq0Q-Cs1JvmNDOkUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JeidWJq0Q-Cs1JvmNDOkUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPkuj4TNS_U4LKP1LXkmqThXPjHzs7W-ywzC0j3UtoJaZT8zSDg3GNE9sQ-Rc_PPEH5-oVnQVceYYpyt6WlCNIhQfM-Yk8
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JeidWJq0Q-Cs1JvmNDOkUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPkuj4TNS_U4LKP1LXkmqThXPjHzs7W-ywzC0j3UtoJaZT8zSDg3GNE9sQ-Rc_PPEH5-oVnQVceYYpyt6WlCNIhQfM-Yk8
date
Sun, 07 May 2023 15:15:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8753
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFMYAQ7b4jlJgTg20kZWNCI&google_cver=1&google_push=ATf1kGPlLzuBJEulvFopEzGDTpGwnQwNZklKGAzS1a6PwzvChxMHjUarKccV5sPgBUrmS9haWrhrD5IIp8OMAGiE...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPlLzuBJEulvFopEzGDTpGwnQwNZklKGAzS1a6PwzvChxMHjUarKccV5sPgBUrmS9haWrhrD5IIp8OMAGiEALY_c-XsM5w
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPlLzuBJEulvFopEzGDTpGwnQwNZklKGAzS1a6PwzvChxMHjUarKccV5sPgBUrmS9haWrhrD5IIp8OMAGiEALY_c-XsM5w
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 15:15:29 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPlLzuBJEulvFopEzGDTpGwnQwNZklKGAzS1a6PwzvChxMHjUarKccV5sPgBUrmS9haWrhrD5IIp8OMAGiEALY_c-XsM5w
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
8bwhl_GnvueaH5pjBbB7lfGmZEKGquV-SAxwqasv4qnPgqlIVRghPQ==
pixel
cm.g.doubleclick.net/ Frame 8753
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGOo6XsnMpu72J5GWvD7NXqySCSA_Q6UYMTxNYGrWF49nAAcNv3fAW4_FSY2wFzdDm8Qk0Wk07x4W9BGDfZFHKSFB1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOo6XsnMpu72J5GWvD7NXqySCSA_Q6UYMTxNYGrWF49nAAcNv3fAW4_FSY2wFzdDm8Qk0Wk07x4W9BGDfZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOo6XsnMpu72J5GWvD7NXqySCSA_Q6UYMTxNYGrWF49nAAcNv3fAW4_FSY2wFzdDm8Qk0Wk07x4W9BGDfZFHKSFB1JAnKI
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGOo6XsnMpu72J5GWvD7NXqySCSA_Q6UYMTxNYGrWF49nAAcNv3fAW4_FSY2wFzdDm8Qk0Wk07x4W9BGDfZFHKSFB1JAnKI
access-control-allow-origin
*
date
Sun, 07 May 2023 15:15:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 8753
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFLIVKh1Ct0tii3KVcKcLbE&google_cver=1&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMnW-iRY3YSpcC83jh-uN6JedUewDf6K6DYtjlIYwh1SEbzJTah9WJpqopnNU2NEKaogzT5yXLRj9vYDLTmP5konOD9_2o
date
Sun, 07 May 2023 15:15:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 8753
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG368GiRjAsQMFZWJeen32Q&google_cver=1&google_push=ATf1kGP74t-RG9zr-KnXvgeA0e5J232CTVUg0zp1FbfLiRX4xUaZn2YBK8VIHim8NiZstJWGEtAj2oak_nJNyCCa06zBH8ld6W0
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8753
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlzfYYvcZKBd0l0b2dZ_aY6uTUiyU5JVIFZoMNXRh_8HXKyhkGxV-RBllAqXm7Fsu2eDBt
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame E248
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlQHJZXYmPA9Dgq_3OLJmLavtFv1Vf0lMKom0ARHCb_DJrrTOU4zTnTcdeWNouqA7oG2hkT7HRYmK-e71tEnCCkU3tT0mhiHWfSzvJfZz5Tkpy4Gy64OQCdA14LumTOQ3h6m3XP0VRKFFFlugZIfqGT_8gK9W4lazQct6lsfNMu-LRqOa759NvYJIgX8Io4CfPaEQB_od_7-mHWXqkfaxDlDRAoECkw0GRmQVY6MXBt89WeMN6YQQqZkpg8OfzapPeJS1ozLUv_QlsGjs4NmQYAlKEXVHWI-79Lli4GhAmkzt08bbS4My94kV4erWYbfpewzNxl2yGQgxF263mlQoI96HEwrVIntXdTER3YX1iUNBeocmOThSMTR0IvC8SoNojik_EP1oyn7y-36vNB-qzeq34AZpMpbWBJy2SAyB0CBS8SPUv-wDffAKaiEFHi6lBD6SdDoFp7LpG0opA7JO4tVxxzKYKdteFvTfKIKRQ2GjePSDBZnjKd5rL3jo1135nx9ucce24oD_BWk0-681gnzyrHoUv-MJyWHPEmuY2qh-GBf0C5NdBW-wKr_AqEBF-MZXZdlC0fi0Fkexiq2IKvqWYG9bWA9y1ssjMaZRRnxnvWgGZXwzPJhUxPK6ZTHGGtGjb95FmwtMSrSbo_m34QDctvWpRt6Hamg3T4dUiyNF7pm4yzEOO20BEwBOEQWT664BG8SubcPZA0qxOg0MufBxf-LY4cekBGlo47wY4dOULgKuKQW8Vnh5cVO-9HAxq3S4CnNUAW8RqhyA2kxBaMbe7okfRsQUu9y-AWANLXKWH68U84_tg9KGIC2hDZgyCE9Iz3OJMWVIRrnIz013tLuhANbdl-yaa7NDcaOCHKRiHoan_2E-M8ekdqrs98toXvatFdMBbUFdSyfjbiYth6iEY0-UrYq5mRt_NWDP7zJGDMdUmXiwWnDhheGdWdk-vPZgmXcPbK75qgGIVeMAC-nqK_4a-TQgCSSKOdvfmappMiGdO3obKU5T3GOna39GuxaOy7UHf6S5P6qiVCYTfrkcEjnblhQZhfuPcnEHVF4WrTT73GRNYYmmuYcZkd1InSbKsnaTCtaxCrahfs5bdORZxjmuxK8koZsqdsPRxWstP5NyjoYLfcPLBCPykaxyzD_-w-7LABrl9xiMwrrvv6_9_1QC1ONwwooBceMOUfMLya8h3uSKHDpl7Q3Xo7fwW4CzYbQlp1pBCf-6UbO-6t2nNzC9ZrnDKIZRVoc9ZOh5hz31UdIFD2883-mkguvJahrr_TxaUMioUjHE_hE1mkD32UwpabCvTtI_26RWlE3n5P9O6Q_ItGUPT&sai=AMfl-YTAGS2tYrDfy3kP0CKiBS4bJzLO3KTYdWwbuoYhG0u7xnLn3c0ZsOKI2TZFrOOEWvJhhqzuy2VA9otC0tXAmM5bSUsf2DmDDQgivEusW_KzHTEBAK0rIibmMpRrs3FmZ79r9-JmJLJ7DsaVdnY0O-5fp2YEaG14om4pHFbKIIR_jTl1ZJKOaK1LmVrXNDHRvaad43Zt1d1meWCORwRP1jLO5tu5mOl6GFgU0nPWd6LGMPv95Yv22hLvSPcuVn7ppG6KBGRHN0embipobw-E7ieaDmRN5ZUM&sig=Cg0ArKJSzF1vvpkr9FknEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1076&vt=11&dtpt=771&dett=3&cstd=291&cisv=r20230502.11037&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:29 GMT
728x90_atlas_1.png
s0.2mdn.net/sadbundle/10202089977740236388/images/ Frame 99DD
61 KB
61 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10202089977740236388/images/728x90_atlas_1.png
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
953f551a1408b3329e924122a22d7bfe61938289342594ebacc0be21745daf5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10202089977740236388/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 05:46:24 GMT
x-content-type-options
nosniff
age
206945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62201
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 22:06:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 05:46:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B621
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuCe8CeDth5t0QuXnGs3Qjh-rOEN6vwqgzel4U3zTxZELA1nPCubEOSR_I3H-xFiwefiHh8FZHuT0dbPpimHz6ddppX0nIl-O6N3ObVSVNjQ2ZFXB0vqPgXLA9fkoJcSgHrdOAUKQuJKd8CGPIdNX6wyqdhXwH_RTVyK4mNmseFLrMLZrWwBzRhUJowq7IjgGE9plvDTiep2eE8Q9IGNBVQqbWlPliTIrTMLrnezWcUAtDjy4B-jEfO4u-mAlKj_9ubhraIyidHbyJNfNDgBZQt4MCBtT6KRR1xqeXlyGvwSJUftOBCV8tHeE6eUrvhd-QlTZ-yI6YqGFyhHGZBbHC2yj-yeJdrPp5kLv3yoUUMq_YrXr2Hi4fJe9Vjn1tjB6-9AB8TrkbFKTndzHIaPu3dghIh9yMCPjhsxN_NPtcIZCXNCJ9qbJV1EW_3ZNcuvVR2MvLaHMvTDqjD1Rh563pKY4pn0gcn0j-g3lGOG5C75CIXmiyvdhzelq-L53Wk8ywiP6bvRlPrU-DpgTAE9tIRmSu7B3w0skUCA-tBlZeex0u0ldV4Bvob719Q9PEDgLaHvBvy8la9PvTldF3P4WHYj42ixG6qMmqCppDm2n1Dg9dJNwvh-_QJ9zkrfHE3tGG3nH15PMJ_6g6I2okiH8SwqNcMpNcZ575F4pJVlOE4h5NIG2E1TYC7wOjBMJifCQmV09AEVEiG9NPsPW-hK0yWJyzIC-NaBdOByyS4iR7UKx9pMUfXhxATG_tqZvqt_zs24rCXGtW4khSkAj6B1p8zaXSFYkzvxnznFAqU9AmwZwupTnuQJDlEMsSeyGS0Rv3czhLKHy3R-JKSP4oMI60MRjeaTjpfJIs7fzxIUD2ljQGSbClFT2tJhWDrw5fdkPLPSr2Jl8unpV_SV7dkjomwFCamo6Yv-x2qjAOe0a44nR1-HoVIz5DiluQCKpFVrNdamNYPMK_XBao1C_4OYYUrAxeXAhJ4B_vOfxIeqApUd1nFOrsRsV4SMlAaLjDkw2TRkhU7fBkNM7s1V3Mb6zq2z_QzTQASOTyoSIWnA3ORlvUj6_EMaUvOV-S-oXQ1QLUh2xS2nyD_OXIcHs1cn2wuFovBSbXiE0RuAeN1_OFeceHYpKj6__aGRuKYC4od6YqfLdbscwq99BkFa4y2quMJ9m5IQc24rAo2hqAZSD3PYsnWHxX55WaAm7RULrQMAvXjnmmT-3LK1ITiOJs57V0RmdxsPu9Dss_0A&sai=AMfl-YTkRr1CtCZgEmORMFOBS5jTZovflcD9eqih4GTqdwjkh7aGWOHV4mq7JrAhxCt3fLhdKB-ora9CE1gtd95fnq67AcWjJxBpfmERHxGkNaquDYg3OjHCIRcPpOKCwguUv_ZmdR35nqSIcscC7_6z9FmlGBG6qGGCOYq93Kak7u-zbfCDW0hdcYNyS2TPRIhxewnPyLKQqp9pmTfJufhQ77EYy_kjT4-v9xXK8SWzsWQPlo4_hwf9PHNtH6XSGagCxk-xl4A&sig=Cg0ArKJSzKzb5t_NN3UWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1072&vt=11&dtpt=798&dett=3&cstd=272&cisv=r20230502.57079&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:29 GMT
eWFsbGEtc2hvb3RzLnR2
tcheck.outbrainimg.com/tcheck/check/ Frame 7500
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/eWFsbGEtc2hvb3RzLnR2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:29 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=25291
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
7145ca6e285a7671b6ab27eadf7193ba
Content-Length
16
Expires
Sun, 07 May 2023 22:17:00 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 7500
43 B
380 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Tue, 06 Jun 2023 15:15:29 GMT
date
Sun, 07 May 2023 15:15:29 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4765
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b164a7e8e1b32fcd54ea9d01d221c26a1fa03c865855dcf963ded6b79d3ed9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5769
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7500
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsub5kTEy4Ji2uzmIDinE71zKKBFUfkVUQuG2JYBX-57mLTr9C_9sxWMf-EoEat4Xy_WHodHaj8VeD7ukYeuB5Sa7Hi0LgnAbkOqx3ffDumso7C1Sme7_tVYvLhUlINM2ki538Gm7Vz3hjeUK8NyUTTEK4o8wuMQZATnttUUNrb6HQ_Ji09IeJjkWTp9lMRkh_om3jlHa8Hx7-AypFfVAVGkl-08R5ecx4HTATLIcuay5vFVJZ1gkYCe_xTN-NN3WzpbklQIa_hO8GUCRVA_CTxGJBBU-IfQmJ56PChg52xAntzJHbLVEJRQ1eRHL1EkqNpB80r3PFrDfiDhpne5BNo&sai=AMfl-YSG5sbktnAAnPeVEWI3DUGvCOKOLyVNh7-iREntWfmxvEMrB7fHsrqqVCLQiLwjduFPbQcVA2WORCxdNacV8TiDRvqmKEdZx3xcTwlFyPT0GkVJ13QOxzWjvZYiVNg&sig=Cg0ArKJSzLbIcqLxv5l6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:29 GMT
index.html
s0.2mdn.net/sadbundle/8877380214956653405/ Frame 6FA0
20 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32644959e4ee6d1247e1dee18213a1318fcf8699e71a054505aac9de85817eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
151243
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4395
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 21:14:46 GMT
expires
Sat, 04 May 2024 21:14:46 GMT
last-modified
Wed, 29 Mar 2023 14:41:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F91B
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumxL2zqsjr8FPTbf1-qHXk3pgJTdrqFqxotnE_j0GjxFbJzH6y_WDkZAojB7hTwMCzFTWsCFVt8u0ZJftUdlJC9ZG_QSgAHOdNmouvpyl4SKzx-izjqng-wbqK5EDnx6MaX7NpTwwl8UdARCZ9Yw7WERCYy4HRrshILdVy0GpoTyECYTPozehSfJHFFHgM3VcX8dNfQRZyVrhL8VQxhVmQtJaUCf-0WXYdaTu4R_yXfYY6ECWfa_cR7C7BrDRuJuB1hKNItT8oG5VP7hm9OLgJDAhQ7EwbTLakBev7fM6crzk2jFNldjkSE2kTGiH0iJDaHDGsATFh0xXjR5spU_N9S4k7c59sNauB0-VQ2wawPpPLXTvavOJIjI5D3-iXglZawq-4J1Z2Drl1Rw5Utn_TAsER7K-oIL9S5Z7n9GXMvI3fnWXraYQCLVIcs11dONjEx5L7eVs8HgtvTwO5UlSRbIYvdRIDa72wS2H3I-IH3s0Jod0UIGV0qlRNKAlO-1H6o34_L_uueBPPP_kXbKnrfmwgGL-5Ob85efLlw_qGN2TQ3Bqvij9gSjCmXw9ORI0QOhQZoQQA8wlviXQUIizHzSWhpWAC3O-EEZVFBfG6wiRTyZnWGZkFIMmKBkpXVulXEWXhKj2XqTj4FGRoU9zjSJoF9V8X4KDYY2hHYyD2kIZCLA4qGaMYuynBNim7yzBvsuOQsq9WVTSpW9umOIBGQo29SOKBELZy0V4YeNTborX50z1dXt57JOLonIcl4xYXvN5IV5NVBSQMk26Ec_lLS3QnFYKL7Se8e2wuHO74c0C8mAvHQ6XmorqCqdhg5lnMVQvRwbeYuuFgXskf15vINScz8KLCgjVNJa3ogpaZxu9WS5zIPOsmakh9a3eOmmqvh5JRqrpVWKYE4tViKMKjXQmF_r1trpeLGZKUIgqVD7-ryzFrunubl7o2qmqJO3lNCMMlCHGqaDcYzhjX5Fvpjj6zRTMW1znr2va45kA9UYoo_sXbn0x5sz6XdmdHs7DiBDuK9XGFoHOZM8jPiO-pjnzx44fzKFiWt_tGYVVSbxud1JzuGIzaNPt-ln9Xhc69oQuGq7B-Vp457WcbEANZ-fG3jCt1un492vtQ8W0VPv8-XdYcFmAXJTHZCNzQQRREcXihmT-4nRMoijZHTxPFpyLwNaBq5oOvol0AnWHMixPxTwVLYvhroNtu_WVCsftMihUQEWHsGgCTTV0YDny2y24cNO6-wurUDBlbvkyYyI4Ob_GLW3NgvqC4kpJYHPA&sai=AMfl-YQaLz_FIIGjigThOm90RG_ecUEDJz6NR0-lKGFXMvIXN6GPipzbZXAhODQq5tq5TWY_0oQD0rIf-xHP5305v-S8JVCn0qKTntyfY4En9up6KGpx6ojjkaxo50RPsNvd_MfRVrtdWUfOAbLd7DGGipV6JpDNUIxYxYYi6a3zYbVLkix_gINhMRXDmK_lNtWqsGAYuGkqS99gDDw25CPZJQF4XoZZ3PLCyaYjB3eH0vSPX_kBAmAbfhWrm5GtlmVwtbGvv90QrOaWK1om70saDhaxI3_eB4Y&sig=Cg0ArKJSzARzyynACp9fEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=249&cbvp=1&cstd=247&cisv=r20230502.48723&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:29 GMT
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame E570
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4765
47 KB
47 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:02:31 GMT
x-content-type-options
nosniff
age
778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 15:17:31 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4765
46 KB
46 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:08:25 GMT
x-content-type-options
nosniff
age
424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 15:23:25 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4765
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:42:46 GMT
x-content-type-options
nosniff
age
73963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 18:42:46 GMT
60005582_20230503241627686_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4765
27 KB
27 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230503241627686_728x090_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6111cdeaf5e942b759ba16f2f3cca5038f3d8eeab050846e4c2597042b67b6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:00:00 GMT
x-content-type-options
nosniff
age
80129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27687
x-xss-protection
0
last-modified
Wed, 03 May 2023 07:16:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 17:00:00 GMT
60005582_20230503241630829_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4765
28 KB
28 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230503241630829_728x090_LOOK-02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14015ca343a3c0f943525447873fdeaac6b61dface961338a738c97d78c37434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:00:00 GMT
x-content-type-options
nosniff
age
80129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28977
x-xss-protection
0
last-modified
Wed, 03 May 2023 07:16:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 17:00:00 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 4765
43 B
608 B
Image
General
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_355027444_145341330_PO0303A20230503&ref=29118705_4307561_355027444_145341330_PO0303A20230503
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:29 GMT
via
1.1 varnish-live-1-0
CF-Cache-Status
HIT
age
983073
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
196807391
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7c3a6b2c1d2318d4-FRA
Expires
Mon, 06 May 2024 15:15:29 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305020101&jk=1203810382951121&bg=!gYKlgtbNAAYV_mUANf47ADkAdvg8Wq--lAJeCD5ZUfItWKgWPSZKMITHuTfejLq-Qkoc6W3kqh3PS7U9A_XylLEzRdlBxlqqrmYCAAAD81IAAAAEaAEHCgBpGoJNfs8UvwPZ82ZVm1_FFK4soB1nISsEDVNYLoThXcJAeLccrARzLPtuJlwRAy-8B5jGLgAPxlzQYbkI3JvpYzbFGto074pgo6vsBfx7-fWdYAbTfC8hCdVF0zz6XnUhDwA3HzKbE3y6mQLl47GnT0ToH68yZA3Rms5FQn2cJN3ZlxIli6Y9bWD9EaSobuiiDiSfeghR6eKKJAnT6Gq9Xmj0CooIETZJqNT8qt4DDv1X2BEPNVEZnkFIosOl-7IFPELJNQ7D3efQg_UrGghJiy0f0vCxpMoqHzlsUeWaBkctWNnqmJSc5J4hueur8S6Cc5kDe_SaJ2IAw2jtTNAauNvB9RIeSewNCb1lghuhTXbaUKBrFQpBPqxcoaFT7IeLIsVY7GrH9tMkjGFdyT824XHSHVXVb9nDIYvMWHmmawDQ1SIO1tFjnarow5hZUuyS5OyD01oDVvQ4VPRkmyZUTKeeWjpI7ECU2Go5M3tqkb-HK12kmIFtCI9dj-L2qkpbYLSz7KM6PqFlTVz0ehFTmkUvX9UY0IQRSudTWU1vlnhtdg2nl78C8CwR_jnwalOI-1UwDUeKa1yU1BuYMWZXdRV0Upa9an1VCf_cj4ciP0N9KG2tMtt_dWPWTjq0l0lb0bG7c7bBnTyrUP5KrhAi8TbUeLSdURKKBW5Iidcte8ztdxV1s8TfA1XQY5zIVwUnveVuKAUiBuu2CJ7k-Gt-EstIcoY7e203vM5x5AmAjvAB2YyXs3SxwtBIV0jfbS-py6elAnvhzw1i5Mi83xhyPg8EV19H7gvZMm6LIJYIxO4ORYERqzWfHd6prre2m8vR4DTiXCFUL71PYCb7l87scQoQzikyebKHQPrQ3CTvi_wOKEuXlGacc6A6V5SimXd0tZUzFKxqCmEI_gj37T7BD4Q4hj46ydnZY3kM46e5CEvNSgw1XjABSOYdLFpmA41wHwTxLRsMz0NMsXSGGjl3YRXINIbpTO7vUW0TmFkAy7-aRoCxhO-RPiRqjS082KVIB2ADblr01dsxiyTQATXUNwrnu2_H51oXmDSZdWf-3YcYbWgN_23G0pW4Do1OV3YTz6FErG2p2YTShsDxC1SMqP_0aoV4NCAEqWdWAMxVQCeM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E64
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsCSijsBXZJqWF46QrASm6ImICgAAAAA4AeAEAg&bg=!bG-lbzvNAAYV_mUANf47ADkAdvg8WnrHAXbhqBJ-Sn4On3m_J64vhSQJFNrsQ5VUVX05ComNHTEsjBUtw3MqLgUi3hWQCISxkEYCAAAEs1IAAAADaAEHmQNkCqpd7GaGDuAyxo6P2CidrC59Vdt6CRFPyoKUu-FF7NJRu-20nDab54wcrR1XQBFqHhyeJ4A5aFWH1EwvVbYHb31YA_8r6zpAGhtdbutY2HDw4Hbo1g8et5qwSSOqde6mYzs-sxiKBifHmZiGpLfwAEGKIhsPDECvDVXIqD-amCfVxjMUZ9Hxe-79afHEVZILTZxzE-DGfEXLVSc7FN02zrWZZwKZRk5ZGV_jAWB-063KRESTGsihLjsByL5XbVbOxyO8fTcNjISPqt0Q0T9xSexcIjlu34mv6MKX_6SPto7tBTSb_rGtwo_Wvu6UdBJkF3IDh6IA9rGMLMMDVdXwK-pBFsmH_NN9XiiiaUL61MXQjkt1Q7AJ_9oGVUSmpaEFWKqRYC7bznxxkmgblDsdzT1OZ6IvYdsBHBoGcAIP_AiHj5yfzW2rb3Bmn82iQKCUVuU6m3k1MRpB_8LK5U13WJ-5MjbWpKfoVTFdFTs62-pxdr9BYwolLdAQX30_qM_-2GOpBWZri9HO8ONTygkW4o4eXRmmQtOwVZRmsiYn_x9g0DVJputQ4DqXum4zaUJh_4Z7pkGQYhH2Pq206RMtLBWLEqqbAP6FIDmdd_iQWc0pw6b-eSw7e4ISTj2ByUVj3meDtr9taUkoM1DM_GhI41NIMqhHf0Ru4YxYNnbF1u66mYp9s1P8tnUFnMFwjyupB8YFUPuWLOduo4IC68c95wkQlftkFGlIg5DIuMxIKJ7rB3JhgqP8cmmeUH1CVlSSMqfaHBNLfDIow34gLL5H4OERZ4JxaQnvxOIMEjZpadj7ha3y8C6CG1h6CtHwJ_-phPG7VIMlwGK0Dinynf6bCksL21v1XAtSv4QM6kVJUtW5_rjYb3Q6MvRyK-Ppj9ooyK-vrt1HhO11Sin6815MhJ9SBIRkx4GDAs9yLy7DH_JdRUIhlLVHAu8-5aVgh3TkmNOQ32HlL3a8iZl4Ixe5wyBJ-Y5565b4IpHR-ItTuW4ETPa2cRGQCcE3Ux6sNM_kXUo8YzJgNjgMAxLVz7zFRXRbzLsrxht9Ui5aPvusXsYd4O9pNiN8sLtxWiomJkMFAu6CpP2CuO7FQV9tvRRFuMyAL9VuMA-XguJNN1cWpGzj5-s3iZ0gwrlcQeGFwmnFsszDfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
platforms
odb.outbrain.com/utils/ Frame 7500
4 KB
2 KB
Script
General
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&idx=0&rand=91368&widgetJSId=AR_10&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=300&activeTab=true&settings=true&recs=true&key=ADIPO26N995I7C97HCI1JF7FG&adblck=false&abwl=false&ab=0&wl=0&version=2010292&sig=U5kqkRgl&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&ogn=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
869b6a48584a4a0de9bfeaf7b5601fcca2317abbd53ab5a206305ec48ecbf12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 07 May 2023 15:15:29 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1683472529.336429,VS0,VE116
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13620-LGA, cache-fra-eddf8230112-FRA
x-traceid
f1da48994d85afbeb80d8f06ac39f4d4
accept-ranges
bytes
content-length
1783
expires
Thu, 01 Jan 1970 00:00:00 GMT
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 115F
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F91B
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 90DB
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Sun, 07 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8d07b282c8e661b71feb1e048005bbde.js
s0.2mdn.net/sadbundle/8877380214956653405/ Frame 6FA0
104 KB
30 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8877380214956653405/8d07b282c8e661b71feb1e048005bbde.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:00:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30387
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:41:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 21:00:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4765
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 May 2023 15:15:29 GMT
truncated
/ Frame F91B
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e9abec7fa4b1ba99969721335f13bda0b0e65cab5c1234a0cedea7183fcc610

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 4765
26 KB
26 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=tMYNmjXw0t&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:05:36 GMT
x-content-type-options
nosniff
age
593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 May 2023 15:20:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B99
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWsXWjsBXZNfxDtvjx_APwPCjsA0AAAAAOAHgBAI&bg=!aGulaz_NAAYV_mUANf47ADkAdvg8WtrntjYBveJrTfVQORHC4A7Q05cy4uj1Q6X-vrmpIpMQ4CwIitQPd7gLOH67OGNOeBGgJA0CAAAErFIAAAADaAEHCgAeHfZxgYSCQtqEWETiUTIGLqMpF6Tch8c_jRUWlg7YmQMZXdBH5dtGmdrQOd211_Dsn9w9ldDAUFud3D3qZPVTmrKeaWA2ZCz2017HJ-edTTKKshWm322elJaTmLSsnp2cCp5gwS61GEMXCPxpZXUdH5Hi3eadTivbbooHMdm8SnSne4wmdAh6U480eghNDau99MyEzaX1_fxr7ZzzuH6TA47LNipP5Xw6WSSMfC2XLRlAupNbP3Tc5Dlnvk_c6WaKG9spuIV7VeTxcL-JLOjwNloLQJT8yuQWdZpGMG6GCSEsyLP8WddZtGZusQavgTtTTUIxqK5Jq1Hxd5rKNbxxyqOycrwLL0BxwT3CaGwAeFP3uoDwx6QXg0i_WMujlLYuw4heoh_ZDcGKe-MKz9-qSXhVAXt5eTkindwZZtuHqk4vnNhTwRSIP-uLsEL7SVw7hCZkXGE_EbIwa6TzfKyyI2ZtUKSDuceWfs8ozy9Gjdrkj7L1vhx9wwCGtcHm-v8Gw5S2dkqCQjrsMM76tX7Ag98zjzfNV4-v1mnXM4_J6rB3Hns90hV2Gm_TZ8BzYKHSqooa5XiXY_I3KfPH0yxQkEmSHW6s13QWZda5xEVDfeTFtBxIM9BUTAugYekvlDzUkFt5IfSEhJwtWMBVHhHw0IiJVFkjOp2lDi_OPPTYpo-ixS9-11ZQa0YJJ9p_P6Osp2LaBm0YFYk-YhJuMLJVjR2x-kadYu1LEmuRCi-gMtaG3P5bR3EEZIUJRRqGesNPwGzTNeKaBeGPI7rA-x9UDxG81dOn8-12f3UOcm2DkTqdIO33ySMAhD03xhbMTfZw05ax57AHSYX6Fo0ksf1dr3XzXB08pBXfMWi2pxe57IxTER8DMTbQ8qGX77MwuE0Gyep0RaWhQ7Ywe1cfuINBA48QjWUDGLr0i7yah48MXpOW7IBQG-hfiAfpGEalx-ycznVqjpHtq-A7wF59sb-4gtX2_256vmarn0WZvTU5ImBUACSuhx_nBixjQdL9PF4gfSoAYn5It2zqwVmprfQVMjwWL2XmBSzYeRSJxpkWNIpdJ6NDgIbtRCJm8jJz4uHp5X6CrbKMAepdIg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5CC0
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 90DB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIbI_mAAbAgf2fuU_xec1kQ&google_cver=1&google_push=ATf1kGO6T4H4qmLW3TwNKHBQihj-SSIpRLa_M0Mx0fzFnWBsZ1LCGBoViX-7nWlCwP7aYRKBz9BSutMDSmf05HslaVlP8rX1rBMYHA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxMjUxNDE3NDEyODQ4MjU0NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIbI_mAAbAgf2fuU_xec1kQ&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIbI_mAAbAgf2fuU_xec1kQ&google_cver=1
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 07 May 2023 15:15:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIbI_mAAbAgf2fuU_xec1kQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 90DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJWHJ0f_3kDNBTv6wkMYN-Q&google_cver=1&google_push=ATf1kGNWqKcIN71iLRx1c_qVBW0ANX7wGVFPhpYFGMCgp6kzhiVcib3TdpjJdEDxRdglh6Aaf9azEfEuE8X8Z2j7...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4dxkV8CRQgCzapZb7jZVgA&google_push=ATf1kGNWqKcIN71iLRx1c_qVBW0ANX7wGVFPhpYFGMCgp6kzhiVcib3TdpjJdEDxRdglh6Aaf9azEfEuE8X8Z2j73IPP4nsb...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4dxkV8CRQgCzapZb7jZVgA&google_push=ATf1kGNWqKcIN71iLRx1c_qVBW0ANX7wGVFPhpYFGMCgp6kzhiVcib3TdpjJdEDxRdglh6Aaf9azEfEuE8X8Z2j73IPP4nsbX-p1NQ
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 15:15:29 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x30 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4dxkV8CRQgCzapZb7jZVgA&google_push=ATf1kGNWqKcIN71iLRx1c_qVBW0ANX7wGVFPhpYFGMCgp6kzhiVcib3TdpjJdEDxRdglh6Aaf9azEfEuE8X8Z2j73IPP4nsbX-p1NQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 May 2023 15:15:28 GMT
dds
rtb.openx.net/sync/ Frame 90DB
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJig7tdYcpSPgdsSwAwb3Ig&google_cver=1&google_push=ATf1kGPW0w2Qz6gWYZc9rB-bhgVX9CNJbjB59FmCJdBPQn0YP2WYmwC1H15P2TmGtoHQOiEl8fzhzN9PUcoxjARJTzNRW6AC_4gzjA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qi3np45fgqdpqhm36a1k11r1fahtmfb1
pixel
cm.g.doubleclick.net/ Frame 90DB
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFMYAQ7b4jlJgTg20kZWNCI&google_cver=1&google_push=ATf1kGOAMqj0FpyZh_K2quTqBY9yw-n_j4fL0OIEzr9FTMEO2tjAL9rag1tdePm2KXOgrcxVUfreISPNgBZX3xQK...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOAMqj0FpyZh_K2quTqBY9yw-n_j4fL0OIEzr9FTMEO2tjAL9rag1tdePm2KXOgrcxVUfreISPNgBZX3xQKUKTbr17Dbc03_w
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOAMqj0FpyZh_K2quTqBY9yw-n_j4fL0OIEzr9FTMEO2tjAL9rag1tdePm2KXOgrcxVUfreISPNgBZX3xQKUKTbr17Dbc03_w
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 15:15:29 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOAMqj0FpyZh_K2quTqBY9yw-n_j4fL0OIEzr9FTMEO2tjAL9rag1tdePm2KXOgrcxVUfreISPNgBZX3xQKUKTbr17Dbc03_w
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Pt7f2W_Pp2wcXc8wzNpfhNGcRfeKAGXk5WkR5_ie_uc8GUxtfoY0dw==
pixel
cm.g.doubleclick.net/ Frame 90DB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOs0KtwCcLoLSYvTJlxdPCo&google_cver=1&google_push=ATf1kGMwhD7ScKkFMbS84hn2eH45hDOJmvqislmSH1jvh7uRpS2mnbnfX6n_kl0YlE83Rs4Pj2ZZmxfmL3MwhtfPPxkOU8...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGMwhD7ScKkFMbS84hn2eH45hDOJmvqislmSH1jvh7uRpS2mnbnfX6n_kl0YlE83Rs4Pj2ZZmxfmL3Mwhtf...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGMwhD7ScKkFMbS84hn2eH45hDOJmvqislmSH1jvh7uRpS2mnbnfX6n_kl0YlE83Rs4Pj2ZZmxfmL3MwhtfPPxkOU8GPBBXtpg
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=79F7eedsTFa5_naZl-3GWQ&google_push=ATf1kGMwhD7ScKkFMbS84hn2eH45hDOJmvqislmSH1jvh7uRpS2mnbnfX6n_kl0YlE83Rs4Pj2ZZmxfmL3MwhtfPPxkOU8GPBBXtpg
access-control-allow-origin
*
date
Sun, 07 May 2023 15:15:29 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
report
sync.teads.tv/um/ Frame 90DB
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFEsKN0zDW-HWuON0bQUXIU&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMtvOUxeyN7uYLtl13P4krVFu8Udnc7_KTFLXaJY6GxjwBMxr2CksW8h5UwBlM3B8u24RdmKN4cyhmqaP8k5DH87B97LkqrTg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Sun, 07 May 2023 15:15:29 GMT
pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 90DB
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELfqJSGjf...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELf...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e77d0735-1c9b-4836-8451-97c7da07e83b&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e77d0735-1c9b-4836-8451-97c7da07e83b&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e77d0735-1c9b-4836-8451-97c7da07e83b&%%GOOGLE_PUSH_PAIR%%
date
Sun, 07 May 2023 15:15:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 90DB
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LeVMphhGaMnFrwcmTxmZja6GirVy5FPyJtxwzfG_8hPz4ljJ_QbERPQqS6bakeOq_i77Bwagc
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame F115
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6D1
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BUOTYjsBXZPqGJdfO1gbQnIXwBwAAAAA4AeAEAg&bg=!urmlue3NAAYV_mUANf47ADkAdvg8WgOqwHAtJLx0rCZMfXLtV_XURN0A5Q-V-NN5rzqeph7gmvm3EWBJjWybkC47keOUeJMwrUQCAAAEMVIAAAAEaAEHmQM02M2EApOMppDv6ViN5ssq8vXjUwY0_uSZEcVVMTNamJVJUX8tc5zdl8lsUQTDdDJ0rPjJDsf_A_4QpzKvFOodf8fhkvAlA9QtdzZ5wyfOIavh8MP838EVpDcoSKUuukGTr2GtrOS22-eJCVX36T9mGQEspk9Ue7l4DS4f4cFSTRP0hVFC_3NOdKR5jbTlklM77U2n1NkS2ir3Bz7xnGAEFqI-7zT6HZDWXyWM8dxE6cpP0HaOKRvMhhEiKQZRsUaIcuecVzQlmqZehTtzg_kY0Vl0xNyhGWwylWOEg1RR31moD6EGmY6mlL9auYywSbysfSqnD17FEnS8Hp1Zg5TbqHh_eljlMAH209DmP_TNIkzj-UdqTRismsJY0BhG72opb_eQXQPviXWjkCkZGERZQiDX90BCUDdOqknssb3nPkb77kVA6H3NjtaiNUGnF2YsMCA5hE0_zpSHP0j1Bedcxla0JQFJW3o3gTMWfDR-uNuIhgfG-Seblsoqn1nIsLNokNlSk0UakjTMyIy864NVEAR2pDMOJ-gVNP1YsZl9pTWyeANGIh0b0AN_NWSDyx6kfrF9eJ9Y1bQeDF2gq3NyCouPtYGXCS_N0Gcf8W_hDeRSQJPW0hjlgHgg-ixTiwSSeft8nzZh5Z8Mvad-l7d-5kFJoCTybhr6CksYhCLYzLToYlQK64Q2ZHbB7Qc893sCEzffw4iKUnMbFkojE2GX0UjUz5xyKOvbyw2W4lV7i0LKRuJHs5z5V0mVKYi9xske8i03_REiR1kY5LtK3hIHIC6ZcYLt47j4vLYj_74Z0taWUgbB9o6YB13tPXoV3mNFf1Zn3-IatJ7JK-ohk1A559V417npFN6hrTLJDUByNIL3REgJ-Zu6PeFPCgpwPFqItdcLHJ0u6xLXQr9z8hEjThv9GEdH5019ea26ETrhI2S2nUoq-koFbsIbaq4OieitOg8eFelF0EKrQvFwQvzv8ERgJESWmZOWPgvEO9lx-oZ4GShN96Ays7kK0S6cei8fu0nACiRQvfZ19lS9uraa0bE6zAuvbqrAc4_yh1tyjWoG2ocnyY1-8nf0SYt7Cb2mNI4lPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 6FA0
2 KB
570 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/8d07b282c8e661b71feb1e048005bbde.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 15:15:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 15:07:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 15:15:29 GMT
7e1bd447bda90f6994d1db3f5fbe6d73.png
s0.2mdn.net/sadbundle/8877380214956653405/media/ Frame 6FA0
34 KB
34 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8877380214956653405/media/7e1bd447bda90f6994d1db3f5fbe6d73.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4e4f946abcdaf4191b0fbdf68d786b520971b642ac34a4446b17ca6fafd87f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 06:12:05 GMT
x-content-type-options
nosniff
age
119004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34615
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:41:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 06:12:05 GMT
fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/8877380214956653405/media/ Frame 6FA0
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8877380214956653405/media/fb2405b160d35da2c54812c244ca11bc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77954
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2357
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:41:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 17:36:15 GMT
l
mcdp-nydc1.outbrain.com/ Frame 7500
2 B
330 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=2c77eca576da42574dfc5a403071751f_119225_1683472529407&tm=478&eT=6&wRV=2010292&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 07 May 2023 15:15:29 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
9a049aedba4e621df0e6c539b935d29f
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 7D5C
4 KB
2 KB
Document
General
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Sun, 07 May 2023 15:15:29 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Sun, 14 May 2023 15:15:29 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
diwan_1-2513.ts
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
497 KB
497 KB
Fetch
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1-2513.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
1f868ce0919f7dcf803bd01b3c519a86c19fc4dd1808e33db1cb4094f3ba8c5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:29 GMT
Last-Modified
Sun, 07 May 2023 15:15:08 GMT
Server
amazon
ETag
"6457c07c-7c340"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
508736
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 5CC0
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6FA0
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:58:23 GMT
x-content-type-options
nosniff
age
73026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 18:58:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F91B
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumxL2zqsjr8FPTbf1-qHXk3pgJTdrqFqxotnE_j0GjxFbJzH6y_WDkZAojB7hTwMCzFTWsCFVt8u0ZJftUdlJC9ZG_QSgAHOdNmouvpyl4SKzx-izjqng-wbqK5EDnx6MaX7NpTwwl8UdARCZ9Yw7WERCYy4HRrshILdVy0GpoTyECYTPozehSfJHFFHgM3VcX8dNfQRZyVrhL8VQxhVmQtJaUCf-0WXYdaTu4R_yXfYY6ECWfa_cR7C7BrDRuJuB1hKNItT8oG5VP7hm9OLgJDAhQ7EwbTLakBev7fM6crzk2jFNldjkSE2kTGiH0iJDaHDGsATFh0xXjR5spU_N9S4k7c59sNauB0-VQ2wawPpPLXTvavOJIjI5D3-iXglZawq-4J1Z2Drl1Rw5Utn_TAsER7K-oIL9S5Z7n9GXMvI3fnWXraYQCLVIcs11dONjEx5L7eVs8HgtvTwO5UlSRbIYvdRIDa72wS2H3I-IH3s0Jod0UIGV0qlRNKAlO-1H6o34_L_uueBPPP_kXbKnrfmwgGL-5Ob85efLlw_qGN2TQ3Bqvij9gSjCmXw9ORI0QOhQZoQQA8wlviXQUIizHzSWhpWAC3O-EEZVFBfG6wiRTyZnWGZkFIMmKBkpXVulXEWXhKj2XqTj4FGRoU9zjSJoF9V8X4KDYY2hHYyD2kIZCLA4qGaMYuynBNim7yzBvsuOQsq9WVTSpW9umOIBGQo29SOKBELZy0V4YeNTborX50z1dXt57JOLonIcl4xYXvN5IV5NVBSQMk26Ec_lLS3QnFYKL7Se8e2wuHO74c0C8mAvHQ6XmorqCqdhg5lnMVQvRwbeYuuFgXskf15vINScz8KLCgjVNJa3ogpaZxu9WS5zIPOsmakh9a3eOmmqvh5JRqrpVWKYE4tViKMKjXQmF_r1trpeLGZKUIgqVD7-ryzFrunubl7o2qmqJO3lNCMMlCHGqaDcYzhjX5Fvpjj6zRTMW1znr2va45kA9UYoo_sXbn0x5sz6XdmdHs7DiBDuK9XGFoHOZM8jPiO-pjnzx44fzKFiWt_tGYVVSbxud1JzuGIzaNPt-ln9Xhc69oQuGq7B-Vp457WcbEANZ-fG3jCt1un492vtQ8W0VPv8-XdYcFmAXJTHZCNzQQRREcXihmT-4nRMoijZHTxPFpyLwNaBq5oOvol0AnWHMixPxTwVLYvhroNtu_WVCsftMihUQEWHsGgCTTV0YDny2y24cNO6-wurUDBlbvkyYyI4Ob_GLW3NgvqC4kpJYHPA&sai=AMfl-YQaLz_FIIGjigThOm90RG_ecUEDJz6NR0-lKGFXMvIXN6GPipzbZXAhODQq5tq5TWY_0oQD0rIf-xHP5305v-S8JVCn0qKTntyfY4En9up6KGpx6ojjkaxo50RPsNvd_MfRVrtdWUfOAbLd7DGGipV6JpDNUIxYxYYi6a3zYbVLkix_gINhMRXDmK_lNtWqsGAYuGkqS99gDDw25CPZJQF4XoZZ3PLCyaYjB3eH0vSPX_kBAmAbfhWrm5GtlmVwtbGvv90QrOaWK1om70saDhaxI3_eB4Y&sig=Cg0ArKJSzARzyynACp9fEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=771&vt=11&dtpt=522&dett=3&cstd=247&cisv=r20230502.48723&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:29 GMT
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsHHb,pingTime:1,time:3204,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:2143%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1061,o:2143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2133~0,1~100%5D,as:%5B2134~970.250%5D%7D%7D,%7Bsl:i,t:2143,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1060~100%5D,as:%5B1060~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:282,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sis:693%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsHHb,pingTime:1,time:3204,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:2143%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1061,o:2143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2133~0,1~100%5D,as:%5B2134~970.250%5D%7D%7D,%7Bsl:i,t:2143,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1060~100%5D,as:%5B1060~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:282,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sis:693,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:29 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/8877380214956653405/media/ Frame 6FA0
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8877380214956653405/media/fb2405b160d35da2c54812c244ca11bc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/8d07b282c8e661b71feb1e048005bbde.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77954
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2357
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:41:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 17:36:15 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
252bf3b7618a059de5c196c5c614f5115f962059665a60465cd261c0c98aef59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:29 GMT
Last-Modified
Sun, 07 May 2023 15:15:28 GMT
Server
amazon
ETag
"6457c090-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E570
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNdhtj8BXZNqxLIqv-ga-4ZjQAgAAAAA4AeAEAg&bg=!LC-lL3vNAAYV_mUANf47ADkAdvg8WjLe4PrFQ-XuLZoIrlPmuR02q6T7n9P0_drvKPVr9MuhwwPAgKr_JQWMar5fv0FUh6mE_kICAAABolIAAAADaAEHmQN5hhg5r6p7AynLWpfMprUcdCUmH2r1sv7nriiAcVuT4d9x1_HZxLhGGcUCaxdfHSoMJEx4jjG7S2i5J_UiIJ9UehGJL3UkU1QxeOvEzvPH7fD-6EDpsY3RoS1OIZYGmb7_sjSH66HzENkO1FlK_npp01rePBynffRthmSwdPo1YAsITZrhx1_GiYQlALDmXsS3jclm3u_ZA17fanDdS4FnET4syHSkLukYFvDxqqCgHPVgMueDC0C_PYW9aJRe64_g0IvuSZk0_1R7fuoH6KA_9EEF7uHwKyR_UntylXA3Ft29zpjzo5HzZpZX94zgzK_LLxJ1E20sJYc_4wJdUK94WlIyBRNulDz4ArRB5CXcFn_hTZO0eCMqFrbwkrMg8lP2oTSa0GWu_N3sJIlFTU5RrNVTwtwX1aQdGoGjWMNJ9mus6wq-MG3Lp_-sKTsGPyP1dZFayY8J_ib4TxMaNO1kemD-UJCwNxKsRsxGLdGGAoRbrv3oo_CQpv3irqjYlBjZoXlp4Z-0wFI6rMV6Cmsp0LvnRCi5LUlurb77VNQaGJAQZwtpU2MksuxsfFdF0eNEU8ULXgitfTLrGO5fRgn4nF-IfCqLpQaqobYfr3DigT3mGgPNIOLhBz6wtC526IosSmicQAGoLagTlmtpq0aXMHxETuJf70u1lCvYfXfAwRT9Zmzygk7sWQUufzrHxqJX9P1rQWAHnQhhhLAm6TxuZtkOFa15jBuM-qL7QNxLuRUZitdHeXiI-TkrZc7zCBNlCKj9NElJxEUrrq1r1mYF0ez1WzF0Whq0edhYRXAQwssD3ZnDR0augZPjhWdkOJNg7SYQIULg1jR-rKXPV1mS2TwNuzgRJGN3lzK2_WAdhLl6vd5bbTCU0lMayoDZQkcGZ73N11RbGfxjMQkvFjcso4YVd0s-1k9ojxuQlzErt0E0xHilWGvX_FrnNAtFMrQn8BCaSn_h6zrbKCF10Y-uXwCZOHKEedw5G6ccwFUI_0kNHFuaYUz9dpUkVX_KrdvQoSw_dPisgJIDZ34SlbVYIdNbA8QdpFGKBk2_o4t1TzRpypCDFaI5gJeuqJPUiYA45_5xymzduumhXJtiIvKO16Y_bVcWqkIPBwwgmmxiNtdBELL3yEm-MZDkEOQPiQKTxoeuoHlv_awv11TNyjo6NX5Cw-kqfJQKtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/
0
226 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19484/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Sun, 07 May 2023 15:15:29 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
gen_204
pagead2.googlesyndication.com/pagead/ Frame 115F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6AUkj8BXZL_QLbXlx_APseSumAkAAAAAOAHgBAI&bg=!nJ-ln8vNAAYV_mUANf47ADkAdvg8WuKwmvEmydCJRZHN1_iXJ_aVdJSaawjY2Th8Icb863gABmbgTNFle4zuxQP9sK9BHlOBmqECAAAB0VIAAAAEaAEHmQMaBWc4TywMCxjoshM0RkiKbez1oU_SdmiCfqYIf0dscALzY8HoSUIE2m-aK-RRTNvQOgCAFk2XcquoVOrP7pC8qn6tO3xhpSGpA0uWI5WTQmo-SqMvhPUItmuI9sgbli3YiiL8lZTqZsGgEKoomBP98Tp9FdKMjzwGiQRbw0gSQcqi89VA2XbfO_g8xFVlSgB4Cd3wThdij3mAlIfFOfPlVRTSueHPDld65gqe2A1SIsn2MNnPmt6bDrOiYn9qAdVj5AzWeWoMmXd9qOMZrgmvwsqeFj8QTJsW3oa9hVl3vIBQYraCauxRAMxPNJ9EZQQDF034j3iatlJWjOq2c1-o_42XVivO6U92UlwU-zb7Mc5JsD2J1MYMN_uLy7EMBWvmjmFZWRO8eeELMsJKBK1ZwMecPHZmqxNl_Fzlqfs3dNhRTwdu1kHWFKuvnSsQj7vmmmQyIt3KchHPz3zsiSZXAZOWorXDcn_aPaW2_yOdrAYe65njvupP22t0qVEyQQGepLHwjfrmrWegycVWYgFh7IcoJv01cfvW49YooaloOYSOBmvamoc_eA2XAEGV3ulqOM7WPwCIXScJAR27w1U8EQT1CDKF8b9hJ7SrD-FKZwXVRaG2FlS-xPiZwcGB6vzkOOXgSQ6p4MmZ0LDctRMGBHwkrCG19m9cIhQ8s9tN8PA9qK6--WelNTyNz2eDS5sum65OEPLrEdfyIDwb6gzCLUx6W4tuXeFjjRs7cZgDo92MaWeTk1dEE1ZFDcHIoqtpsGCWExfLpkglYuGPcilgrSYGoNifuuNexS9G86a3KfUMx6Oh50hEaI4_Q-UycLgwPe1w89goMLj85nEjggObb4ChpEkef-hfGLjOYZiYNMchzZvq-YhE3Je8NqHMmMmwjZlbKgAxbTkY9tAG_qnUOuE9CEj2tyH6jUXR6VZyqxrtEv58PNqb2CHPoWOMDJs8fp2X7j-E32VReJ9AUSt42rg20uVpXs00WNQ6s2HtVURtTsq-ywPrk5GAqpam7PTjXXqCEaigUdTPCfh3Bw_6Nv_xEw0HO-PwbD4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 07 May 2023 15:15:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
288994
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
373 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&cw=1&pbt=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
230941
expires
0
prebid
id5-sync.com/api/config/
135 B
544 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 07 May 2023 15:15:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame 99E2
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1683472527074
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame EF9B
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1683472528372&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
v1
lb.eu-1-id5-sync.com/lb/
33 B
402 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
9fcd98d7dae83ae84722355163af5e5567f936a2b51c547697d34bafb2501ad7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 07 May 2023 15:15:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame E248
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1596916136504&version=m202301230201&ct=76&x=1&cor=693522339655846100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
692.json
id5-sync.com/g/v2/
216 B
625 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
3d013cc70447af1d8cc375d7ad4b638dd0847a8dd2f6cb7d2431ab72f92ddc10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 07 May 2023 15:15:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
diwan_1-2514.ts
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
478 KB
478 KB
Fetch
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1-2514.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
5685bd8fe2ed7455aecd44ba1205f8bd3f62c9e6a27c9bde66abaecf4c1c57fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:30 GMT
Last-Modified
Sun, 07 May 2023 15:15:12 GMT
Server
amazon
ETag
"6457c080-77620"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488992
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CC0
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMG33kMBXZPLPIbG3x_AP0pyu6A8AAAAAOAHgBAI&bg=!0NOl04fNAAYV_mUANf47ADkAdvg8Wrkn0HlCGs2W4CLlFGiQ5d8Hzkmd6bqnAzvtzhrYPq7_pPwBka8a3h9uflwQ3hMsWxSha8ECAAABrVIAAAACaAEHCgAvh1eQBrO7I32l5DIxAkbFrPO4hM-wBwEeq-_HdU6XyntQXl5u46GUirbVXqrMkgKZAzOkl0NabgqW0OpWzPw3tZWzdnDS703boLdICkkX8HkA7dhT8m6uP7mPRLrC_EYUiRxNpNVmVgO2mOlPgS7SeqWvYBg709jPhoHdhstkGgYj2wFxLeVVs-tWc1Luxd3ZFgZoNzYjsf0MZ5vCJ-GyMtDpoIAXw-9Wlgdmh27Q5PrQKcb9MLwcVCKjfG_BeaZbmeRyVV42OPEaNdRhUVeTGBg89khLvd-nbxtEmIuZlXG_4Jpcc8yreEk8tZvMuvpoyH2NdCKqfMZJmRMBN8SgGr97wZd7b11hYLXo2gsAnJZW0SfyDW8Iw3uUAGdZNUdwvrDM9W71t1zIPSJWj_9MIhBOIN_t6V4j4Y6qni1cmwA-IJ1n1J3HO-kocd0WPhmeMVjjAsFJ9qOfE0LIDuHOYmbp68NEd4FyA9NLk0U2ZIzbifAPHNGEDbNlrzNd_fjtGolxF9o9rUa_ekcbRGWhKHF2XwQPnXK0vwSZRrlNN27qcwdiZeLUn0PxhMFl1Jy8lpGnYFhasd4LdwMOjFr9gdRVbFopDNcpBrJDuLWR938Mbj_3RO37SdtREy0IAM2CU8kGqBh-2lZu2bcp6O6ijetayqQujV2HytmgtyCzbuDEZIRjcDsDP5OYVqR9t1m641R9Q64KiwvK4pSe6faQ8hSzM-L_k3uxIe-dQauOHbPgeNGoRhUhlpDxuM7hDfqhqRAgmTQ0g-Zzj7rnssAEaKTqRE5QO-_uSx_obP-NqjUWcHpp6EkmFhJ1aiHVEFWgXfbulztqx9r46iuMDZRjhTHikTyUonkWC3vVZTlCuUfdoPtkJ1PtObLLTsPSecJ3c53e-uO8q8MwFH7T0Vx5CzM7hNYz4ICQNI55VLjadNjN5szBbvJvFvKBBn8XxjwSZO_FPlsIF5pgVFJMJ9uGVKqTe5dKFP045MK69CgFcj600gD8cP1kjuEIDfvGMzyL6KNkP0QUYLPGDc7rf9-Rt01UHK3i29-l7i9vS80bF6NrexwHKSLxOQquyCAhkGaRPuUm5OSiwfSfYIC0qPIT5N81v8zoF9GlAwJPdDQ7SiJdR2CBYkj81lTU9JRoTodls5aQVe8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7500
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_O_5RseiFGP9-7zNUDoOEE_XkHKigmWDZcB4Uiw1TTsPfCU0QlO0kY9E8ym4K4Jp7feH1vcXB1luLURwTFqqd7IKX-U-emt7_rI4dm_trXE8RnoIZ&sig=Cg0ArKJSzDTDBj5vc0FaEAE&id=lidar2&mcvt=1000&p=647,1038,897,1338&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230504&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1041763575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472528672&rpt=534&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B621
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7093017526379&version=m202301230201&ct=76&x=1&cor=14567810932415973000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
diwan_1-2515.ts
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
489 KB
490 KB
Fetch
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1-2515.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
1061404d7efd9013a081f5b243ab1e54b49539e24ba2d9930e0346184002007d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:30 GMT
Last-Modified
Sun, 07 May 2023 15:15:16 GMT
Server
amazon
ETag
"6457c084-7a470"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
500848
cdb
bidder.criteo.com/
2 KB
2 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=16947729309
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
15e4ee9e35f217a593a5ad80bb14251e9e1269af0cd0f4d50b8e7977b15eafd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 May 2023 15:15:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1626
c
prebid.a-mo.net/a/
0
41 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 07 May 2023 15:15:30 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/
0
64 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c3a6b33dcd01da4-FRA
expires
0
bid
ap.lijit.com/rtb/
25 B
527 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467631/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
81cb71b582099d5005c024dc50ca947a2757ec242fefa49b10bede9ca6d0c616

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 07 May 2023 15:15:30 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
19 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203810382951121&correlator=3158161259588252&eid=31072019%2C44789878&output=ldjh&gdfp_req=1&vrg=202305020101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=23&adks=3972335646&didk=2089502801&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1683472530492-0%26hb_r_id%3D263fd2507f604131%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D279ca4c4d0509d25%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10836%252F1004997%252Fes-sahel-vs-us-ben-guerdane%252F&sc=1&cookie=ID%3Ddf2c38a3ee93e4f2%3AT%3D1683472525%3AS%3DALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ&gpic=UID%3D00000c11bb0d2cca%3AT%3D1683472525%3ART%3D1683472525%3AS%3DALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg&abxe=1&dt=1683472530600&lmt=1683472524&dlt=1683472524875&idt=554&adxs=0&adys=910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10836%2F1004997%2Fes-sahel-vs-us-ben-guerdane%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhZUc_4w9BUO9KNe10o7IqK-mXyr0t-9tO_vf027LK7-Bs__qs4Fh4qbbML9s1ES-yBT7jz1fuFxD8N5oIIILmnG7w%2CABHeCvhUPINZfGG5oiz1Ne5ysFbv4QNpZuuOnpkNBpsCkUqQHjo32y85EkXlUkrBlR8Cn--YM0acskjoLhKE2_Mzrcqio_U%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvibfhCaBY5yA77b-1q_YvcxtUyAa1QTyYOu7C07-NiSTxYADvgxVoVrJiNjWrtlAHXRfh3HTAE0wIUUkt3l-wahauk%2CABHeCvgCi7DXl9UxSt2RxE2tyD9K2O9jqp61PBg4PljINncTcsiRUVGPZPdBtx_W5hks7tUZC029NQ6kNC47yLzEwCvjd5Y%2CABHeCvjFUP77AEs-RmbpJJp3pZufu2LErxBRS3whRPNPwB00j_ImOFj9Qxhi2kXFsKkpeKpRRT7CypS6tEgfgKLu_PIFPD8%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1104036331.1683472525&ga_sid=1683472525&ga_hid=2144473855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NOgtv8wSABSAghkEhkKCnB1YmNpZC5vcmcY1tagtv8wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPzToLb_MEgAUgIIZBLuAQoIcnRiaG91c2US2AFocmdzVnVkY21yRjhmNURQamNoZ004ZHJKQUdxY05iT2krNnRMMnNxTVEzVVl4OHFoa0txQ2Nzem5nMGlEY01wdmhteEh1aTkwbkx1b0hOVFJ2QVpYTkFvK2ErWEpqN2lXTXZBNWNGVmVoc2YwWXRLdDB4K2xEcVViZU1tcEFHU2N6Q2VhbHJ0K2JLalhEN1Y1L0ZvdjdmVVBiTmpVNjBBdW9yTy9uaGRKOFFvQ0FtSVhvL3o3Q09JLzVqNGpqQlp2ZkpyKzMwZnBKWjZDcVp2Qm53WTlnPT0Yzdigtv8wSAASGQoKdWlkYXBpLmNvbRj806C2_zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGL3XoLb_MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6343b2336c9da4ee9e84a73fc810a9270cdb4d46c94fe53b1e085b4ed9d83d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8851
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F91B
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6032385284685&version=m202301230201&ct=76&x=1&cor=5677650128719709000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72E3
6 KB
3 KB
Document
General
Full URL
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:25 GMT
expires
Mon, 06 May 2024 15:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A292
466 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNVmYR1XM6i2LU345nw5qzQtiHWn63uyv4mLkDNADShkDWwaGR_L_GmCUKavQ0trGd5QLUdQBDmvPgbPK_PT5efHtuTdCfjI1KjlTo6FgqfeErX3laW6lvYSMuKALlVqTbn5_pmrtLEYm7FeCXEB-c3bR-k17LbwO-x30nZPauLHB2Fp3lw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:15:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 72E3
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72E3
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHvjtLMPUDsWtSgh_TLZnXNUCkPi7yPAgsANTJl9-A5sqexqu3J0DPXWf83dodvbZCANsnZwXgVtyScVKrx8pujUiEVRITBDctXotLt4PmD9v72Xk
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72E3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11567283318108212554&x=1&ct=76
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 72E3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 13:50:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 72E3
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
76724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame 72E3
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8E3SUI4rimEKQ3iBivzqqxZJuUZYKMoAxLJnSrInaW1h48j_ydkHAbTSOspWST5cNdVanx2Oi9picQXZUuTD7GMAUdw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 72E3
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:31 GMT
partner
sync.search.spotxchange.com/ Frame A292
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF6xYnZXC6diJK8jvCWwXiE&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF6xYnZXC6diJK8jvCWwXiE&google_cver=1&__user_check__=1&sync_id=019bd2c3-ecea-11ed-8db5-1ac857eb0506
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF6xYnZXC6diJK8jvCWwXiE&google_cver=1&__user_check__=1&sync_id=019bd2c3-ecea-11ed-8db5-1ac857eb0506
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNVmYR1XM6i2LU345nw5qzQtiHWn63uyv4mLkDNADShkDWwaGR_L_GmCUKavQ0trGd5QLUdQBDmvPgbPK_PT5efHtuTdCfjI1KjlTo6FgqfeErX3laW6lvYSMuKALlVqTbn5_pmrtLEYm7FeCXEB-c3bR-k17LbwO-x30nZPauLHB2Fp3lw
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
44
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 07 May 2023 15:15:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESEF6xYnZXC6diJK8jvCWwXiE&google_cver=1&__user_check__=1&sync_id=019bd2c3-ecea-11ed-8db5-1ac857eb0506
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
72
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A292
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDE5ODZiNjctZWNlYS0xMWVkLWI5NDQtMWE3Y2I5ZTMwNDA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDE5ODZiNjctZWNlYS0xMWVkLWI5NDQtMWE3Y2I5ZTMwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNVmYR1XM6i2LU345nw5qzQtiHWn63uyv4mLkDNADShkDWwaGR_L_GmCUKavQ0trGd5QLUdQBDmvPgbPK_PT5efHtuTdCfjI1KjlTo6FgqfeErX3laW6lvYSMuKALlVqTbn5_pmrtLEYm7FeCXEB-c3bR-k17LbwO-x30nZPauLHB2Fp3lw
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 15:15:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDE5ODZiNjctZWNlYS0xMWVkLWI5NDQtMWE3Y2I5ZTMwNDA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
51
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A292
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IZ2FPNDQ1RTJ1RWlzUWV4UGNVZ0FrNXVCZzB6dXJfSn5B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IZ2FPNDQ1RTJ1RWlzUWV4UGNVZ0FrNXVCZzB6dXJfSn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxjI583IATAB&v=APEucNVmYR1XM6i2LU345nw5qzQtiHWn63uyv4mLkDNADShkDWwaGR_L_GmCUKavQ0trGd5QLUdQBDmvPgbPK_PT5efHtuTdCfjI1KjlTo6FgqfeErX3laW6lvYSMuKALlVqTbn5_pmrtLEYm7FeCXEB-c3bR-k17LbwO-x30nZPauLHB2Fp3lw
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IZ2FPNDQ1RTJ1RWlzUWV4UGNVZ0FrNXVCZzB6dXJfSn5B
date
Sun, 07 May 2023 15:15:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72E3
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6252600634413&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72E3
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6252600634413&version=m202301230201&ct=76&x=1&cor=11567283318108213000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 72E3
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKAmDsPehoxo8Grizlnfjt5O-AtjaCmlj5v6AU093d7J094-2iysWWE7_HS1Lf_SIrd2kU70q4N_UdQb-HmQ1W6zoB6w&cry=1&dbm_d=AKAmf-DLqADtiUDLNXRH7grC1xTYUiekCu_OCPztU1kQeUWCXsAqmxIHUdicPWTiYKefzce8S8VRg8lpAc82slj1zp92jsVTHPwHCEgLzAUq3bxsGyqEU30w_JBXV36NXRLzc5MvX9GYhf1Nc4E_rCaizsg66e7QvAVk9_8w3XXtUMYqE2_6Lzl-5qfAP8s5pACgDbpYJ1ASD4p5JgJ3VmL_A9x8mTZh9JZMRyCZ3j_sJa_lBR6XeV61IYt1DQl0oxrVEF0XxxHWY1mGjcgXMC-j-VJvxOzR4bOOB14avTei7szh88TlWkhYZ2BV96tWyewzm8fCdwydxSFUEW1p7jcbXoEysLNs3iqwCMazdJx_4BA2cXIsRQwgLKxuwoFeBHzZoxvMPoJ4zdbyz2SNKSGIddnnPGTneWqkX7cNH8fGzhGCT3qzUfhCYktUy6ZY9_G1hjPzJ7ZcUD-StOEJI8AIrdktP30lDBZw0jMduQ1R_DR9C9FGW-sVB83G1VojGfRrZEqeCgSlSKBJ3l3AWL-GEMHXBHeDkCM5EXdw5ppWGyFnFte7CMNNz1iGIqHrwXV6rgXZTnt5qzvZhjA1JCR3mY29lvqybU6Oegu5T-So1XYpTI9h-g9VcAyFRO-fWzpTGuWUa9zMGAm8lBoafeVWHKtufyvRk7mv84PdnaLpMTPit7jbazIAbaJA6-1tbzGx3v_Ptqu1JAjcfG7BjzugZrEiwm_79ebUXaZ9mwifnhuT6FeReB_rXM8hUbafgkyIDTz0Glo80CIECpTnR4YiAymXMRDGzTbOnZ_wCfP1YeJbEFt8I_v6mHStI5FjJurngVPpVUM1ab76YkENm8g8YoUjJPiaJuZdU3QLRY61r6wpZWSah5lBPEkLPxt1kEEK103TVIBroKCflrauM1h-qksFvgQmhPeDAGT9lusSfTNXJgfRELcAL_T_cimwVM4nQcLubA_fFy8U-iOvjgUDUsosdV8ntbKtSrxtvnkbD8UHEsAUnFiKJK7vjKyNC3AjI275TyR3WWw9EI0vwN2d8J0P4aQ35yxVNtVs8X1tFtFEN2E-HzniOcQVYG-vb81h6DOqbnjRwae1nEf3Y3shqiJ6tQij2drOU-r5YZZ4Nzxbwd_egp7YExicqlxcyYxuMily9muKjmnqM2oF7IkC0S4CFJRdUHpT9PK-omOB-3hS8nz1sY3W95BBuCIUfIY3PPbu8Jt2UkHPLj0c4jzqRNcw0HBWWebzJGGHYN6frC7CWgJwYAgGh1NIdoEg2i1qx8elRffQookOvz2boAeIGMKYEANjh649VB5FRv1aYGlfwfk-cZrZL4ZvwHUO-QxRBZR0QakfgV-Ewr6LNhmOiW8WAJ6PD0vwiXhcruTmiAuN_hso98nAr5PqIKaSu_3dhz7GYJpLYU56uTIJ39dGj_CGTQO9FDxuWQkuzozBB-4qNmabAHOEW1zHrxThiHQuihTklUukZ--CIReEQfspr0JL66HGIo882NEpUZTMj2a4R7Gbgvyouu7fVuG-l2-Uvig4j2KtIIgHp_L_7WUrbJDSJsQRCayVDEgihFOYgYX9eUwNRttlPufAQn5gifHBiTEhjCy8Imlq9NKZ9GtUpRnrplxm8xG_o1uaSY8h1q_zcn3U96uNjJfkWPeGpMNhr8sCi2L1Lzx6EDlZyJqToZTZwLezi0aTXs-tnwYaHVZ03jYZ8xdmk3jOtAmQ6r02PfHtJzULn3qfSyRUkNYGxN2mB8TBWjxirU3OK8gzFCWutludR2yezwtdsu7bX9ovRJy86ViUF6AMxIqTiLIxj0Uqe-cAl-E0PinVxGEWfV4mHelmJ21NRmLaKgFmIxghkzHGSjtopdEB4RH3ln9agaomZAoC7wLb1xmtEh-5RGwfmcKZo4CSod26q4KWTp5sx-4qIYp9H65ePdYVwymob2a5HJLszUrfajJoRyh-TwcbM-M1EQahvpsOKxJvm7uEXxsejgVeGySqQsPs-RA8BXmaR0TgtdCaZdHitZAAgNUBDLMYkZIGhkjEMszD5gsec-kzrJUKNCfnPFzEKCgSw_sMvEcLGWAiOynu4JLwAJNnkKTSYBZkS1Ovn2TnAr_Yy8NtvdIkMt_WvGDbVzsvN90Ez9ZVEZsfnQvF8su4CaKn7MOOQr6ri29Im3eVOUZVDYCC7sUDnkMaN5QKcILEe1V2k_eDK3fSNZMLLFa15Lu1Ke2UJDj3dJDSJa5TPPjiVV7C7UiHDzMWT1tta9jvew2yGAPhuxdsoIe-R1cwMGUIfyJKUpLwK6uVog3fvITI_LpRk0qxH3fVmtAwIpHe69ZNuiucXkieNgCl-XpAQ8CuoGkfDw2CMeu7IDwgnmXq4lTS-nU6UFvx9CLre-WmKaPMS0fpFHbBRDfmunUUmdn2MBAVK7tAyCbg3gUnf4AYif25BDZi4FsyFa1Qg1UfOv5-sj1OmwzCNnta5jSnicB_5-nD4m1pUq44GT9ny5mW1WMNTFph7D705uTzkBZgdawhvARO01n5cLwvyZTzH2RotMuxKEA-C4OTBpyNWv7lb_8OhlO4mDeW-tlmB8Tsx1Aap754O-3mulrKjH7XHXGhr2p4BlH6tkqE80r0gNwZzOA7ti5lxmZWBLYefNYjmziPRX7Fmjza3YB6vcbBVHLgK2LpY__6BzgUCbGr6lwacLSGkvyhOM5bdPuN5hO0W-2_Lqoulh31z_savTqZvNjVEFCbDlLXQK6lBtOVIY2m0DB-oBJyQdLR8RN4lwql4vuVNNOwKxm8JM4gR2lmMSnf4eHHKNqOdBOW7GzEiVVWlh9wrDXszm11zZxRYpQAj5IAZgfOmMb6Ulc8YejdVIF-5ryujEiisqrHuWT4WeVxCBsRMkrf5QVSNs6h6riaYJLnW7NVDIjM175vEBwb-YJnbbvn9nzn-vRiaMrQGWyuNfRwwtu1mh6j4LaMt9Y6WOjJ51mG-0CSwuyKovdof08Wes1zy5kBkAZld0tmvjht9w3-oLY-CFwZOQeQVSXKEaY-qHqWNGb8d1xktOMamnZrdsqKw1tjuJZTmsdraEwYcKCiXvFu-4hqf7ZCQ8yTaZbDdYI-mftwyK93yoWvv_WKQlOxLppnxQXEHa8fcdZKY2tUpQJRGjglKhiiraNjLm6nDFESJ9nFOgu08FPLHQMXU07IrZgDdCDS8Dl_esLn7qWbOahMUuM1A9o_F729k53KwzRGNtc7K6sej2Fr7pMaujj7Z02uRHj2Po5EwENwQ3UYHPqqgyVlppWs6m4pqT-jiMZm8YY9ijrNm3Y1KsHjWmB_EqxT42wNGXhGMQAcGIXImPwt5tOwEty9obj1V6YmQmsNrPCSi6PiIOVZV9oMonjZ4KAfiGTHWwHRY88qUKPSx9Xhhp9ivBMpr3DexHCNzwKWsyxCmPMorYmcnncOHeCWaBDgJ8Mnvjwj8TBgZa9zu0sxqdySyADg2GDtwen6S658xDoUONHHK8SfGz1qWhfTpYI&cid=CAQSPABygQiDmQHTnJ5WR8X5r9WcWTbV6KC2i04R5uM63T_F3vdvXCxOtuL9sfX2pOfk5vQzAVqYlXAN3XnmABgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=11567283318108213000&adk=2004672170&idt=144&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af2c42756201e955ac3c7134b99df4665ba36f14f39377f993665248bb60f55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35729
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 72E3
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Origin
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame 72E3
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKAmDsPehoxo8Grizlnfjt5O-AtjaCmlj5v6AU093d7J094-2iysWWE7_HS1Lf_SIrd2kU70q4N_UdQb-HmQ1W6zoB6w&cry=1&dbm_d=AKAmf-DLqADtiUDLNXRH7grC1xTYUiekCu_OCPztU1kQeUWCXsAqmxIHUdicPWTiYKefzce8S8VRg8lpAc82slj1zp92jsVTHPwHCEgLzAUq3bxsGyqEU30w_JBXV36NXRLzc5MvX9GYhf1Nc4E_rCaizsg66e7QvAVk9_8w3XXtUMYqE2_6Lzl-5qfAP8s5pACgDbpYJ1ASD4p5JgJ3VmL_A9x8mTZh9JZMRyCZ3j_sJa_lBR6XeV61IYt1DQl0oxrVEF0XxxHWY1mGjcgXMC-j-VJvxOzR4bOOB14avTei7szh88TlWkhYZ2BV96tWyewzm8fCdwydxSFUEW1p7jcbXoEysLNs3iqwCMazdJx_4BA2cXIsRQwgLKxuwoFeBHzZoxvMPoJ4zdbyz2SNKSGIddnnPGTneWqkX7cNH8fGzhGCT3qzUfhCYktUy6ZY9_G1hjPzJ7ZcUD-StOEJI8AIrdktP30lDBZw0jMduQ1R_DR9C9FGW-sVB83G1VojGfRrZEqeCgSlSKBJ3l3AWL-GEMHXBHeDkCM5EXdw5ppWGyFnFte7CMNNz1iGIqHrwXV6rgXZTnt5qzvZhjA1JCR3mY29lvqybU6Oegu5T-So1XYpTI9h-g9VcAyFRO-fWzpTGuWUa9zMGAm8lBoafeVWHKtufyvRk7mv84PdnaLpMTPit7jbazIAbaJA6-1tbzGx3v_Ptqu1JAjcfG7BjzugZrEiwm_79ebUXaZ9mwifnhuT6FeReB_rXM8hUbafgkyIDTz0Glo80CIECpTnR4YiAymXMRDGzTbOnZ_wCfP1YeJbEFt8I_v6mHStI5FjJurngVPpVUM1ab76YkENm8g8YoUjJPiaJuZdU3QLRY61r6wpZWSah5lBPEkLPxt1kEEK103TVIBroKCflrauM1h-qksFvgQmhPeDAGT9lusSfTNXJgfRELcAL_T_cimwVM4nQcLubA_fFy8U-iOvjgUDUsosdV8ntbKtSrxtvnkbD8UHEsAUnFiKJK7vjKyNC3AjI275TyR3WWw9EI0vwN2d8J0P4aQ35yxVNtVs8X1tFtFEN2E-HzniOcQVYG-vb81h6DOqbnjRwae1nEf3Y3shqiJ6tQij2drOU-r5YZZ4Nzxbwd_egp7YExicqlxcyYxuMily9muKjmnqM2oF7IkC0S4CFJRdUHpT9PK-omOB-3hS8nz1sY3W95BBuCIUfIY3PPbu8Jt2UkHPLj0c4jzqRNcw0HBWWebzJGGHYN6frC7CWgJwYAgGh1NIdoEg2i1qx8elRffQookOvz2boAeIGMKYEANjh649VB5FRv1aYGlfwfk-cZrZL4ZvwHUO-QxRBZR0QakfgV-Ewr6LNhmOiW8WAJ6PD0vwiXhcruTmiAuN_hso98nAr5PqIKaSu_3dhz7GYJpLYU56uTIJ39dGj_CGTQO9FDxuWQkuzozBB-4qNmabAHOEW1zHrxThiHQuihTklUukZ--CIReEQfspr0JL66HGIo882NEpUZTMj2a4R7Gbgvyouu7fVuG-l2-Uvig4j2KtIIgHp_L_7WUrbJDSJsQRCayVDEgihFOYgYX9eUwNRttlPufAQn5gifHBiTEhjCy8Imlq9NKZ9GtUpRnrplxm8xG_o1uaSY8h1q_zcn3U96uNjJfkWPeGpMNhr8sCi2L1Lzx6EDlZyJqToZTZwLezi0aTXs-tnwYaHVZ03jYZ8xdmk3jOtAmQ6r02PfHtJzULn3qfSyRUkNYGxN2mB8TBWjxirU3OK8gzFCWutludR2yezwtdsu7bX9ovRJy86ViUF6AMxIqTiLIxj0Uqe-cAl-E0PinVxGEWfV4mHelmJ21NRmLaKgFmIxghkzHGSjtopdEB4RH3ln9agaomZAoC7wLb1xmtEh-5RGwfmcKZo4CSod26q4KWTp5sx-4qIYp9H65ePdYVwymob2a5HJLszUrfajJoRyh-TwcbM-M1EQahvpsOKxJvm7uEXxsejgVeGySqQsPs-RA8BXmaR0TgtdCaZdHitZAAgNUBDLMYkZIGhkjEMszD5gsec-kzrJUKNCfnPFzEKCgSw_sMvEcLGWAiOynu4JLwAJNnkKTSYBZkS1Ovn2TnAr_Yy8NtvdIkMt_WvGDbVzsvN90Ez9ZVEZsfnQvF8su4CaKn7MOOQr6ri29Im3eVOUZVDYCC7sUDnkMaN5QKcILEe1V2k_eDK3fSNZMLLFa15Lu1Ke2UJDj3dJDSJa5TPPjiVV7C7UiHDzMWT1tta9jvew2yGAPhuxdsoIe-R1cwMGUIfyJKUpLwK6uVog3fvITI_LpRk0qxH3fVmtAwIpHe69ZNuiucXkieNgCl-XpAQ8CuoGkfDw2CMeu7IDwgnmXq4lTS-nU6UFvx9CLre-WmKaPMS0fpFHbBRDfmunUUmdn2MBAVK7tAyCbg3gUnf4AYif25BDZi4FsyFa1Qg1UfOv5-sj1OmwzCNnta5jSnicB_5-nD4m1pUq44GT9ny5mW1WMNTFph7D705uTzkBZgdawhvARO01n5cLwvyZTzH2RotMuxKEA-C4OTBpyNWv7lb_8OhlO4mDeW-tlmB8Tsx1Aap754O-3mulrKjH7XHXGhr2p4BlH6tkqE80r0gNwZzOA7ti5lxmZWBLYefNYjmziPRX7Fmjza3YB6vcbBVHLgK2LpY__6BzgUCbGr6lwacLSGkvyhOM5bdPuN5hO0W-2_Lqoulh31z_savTqZvNjVEFCbDlLXQK6lBtOVIY2m0DB-oBJyQdLR8RN4lwql4vuVNNOwKxm8JM4gR2lmMSnf4eHHKNqOdBOW7GzEiVVWlh9wrDXszm11zZxRYpQAj5IAZgfOmMb6Ulc8YejdVIF-5ryujEiisqrHuWT4WeVxCBsRMkrf5QVSNs6h6riaYJLnW7NVDIjM175vEBwb-YJnbbvn9nzn-vRiaMrQGWyuNfRwwtu1mh6j4LaMt9Y6WOjJ51mG-0CSwuyKovdof08Wes1zy5kBkAZld0tmvjht9w3-oLY-CFwZOQeQVSXKEaY-qHqWNGb8d1xktOMamnZrdsqKw1tjuJZTmsdraEwYcKCiXvFu-4hqf7ZCQ8yTaZbDdYI-mftwyK93yoWvv_WKQlOxLppnxQXEHa8fcdZKY2tUpQJRGjglKhiiraNjLm6nDFESJ9nFOgu08FPLHQMXU07IrZgDdCDS8Dl_esLn7qWbOahMUuM1A9o_F729k53KwzRGNtc7K6sej2Fr7pMaujj7Z02uRHj2Po5EwENwQ3UYHPqqgyVlppWs6m4pqT-jiMZm8YY9ijrNm3Y1KsHjWmB_EqxT42wNGXhGMQAcGIXImPwt5tOwEty9obj1V6YmQmsNrPCSi6PiIOVZV9oMonjZ4KAfiGTHWwHRY88qUKPSx9Xhhp9ivBMpr3DexHCNzwKWsyxCmPMorYmcnncOHeCWaBDgJ8Mnvjwj8TBgZa9zu0sxqdySyADg2GDtwen6S658xDoUONHHK8SfGz1qWhfTpYI&cid=CAQSPABygQiDmQHTnJ5WR8X5r9WcWTbV6KC2i04R5uM63T_F3vdvXCxOtuL9sfX2pOfk5vQzAVqYlXAN3XnmABgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=11567283318108213000&adk=2004672170&idt=144&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
76464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:01:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 72E3
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKAmDsPehoxo8Grizlnfjt5O-AtjaCmlj5v6AU093d7J094-2iysWWE7_HS1Lf_SIrd2kU70q4N_UdQb-HmQ1W6zoB6w&cry=1&dbm_d=AKAmf-DLqADtiUDLNXRH7grC1xTYUiekCu_OCPztU1kQeUWCXsAqmxIHUdicPWTiYKefzce8S8VRg8lpAc82slj1zp92jsVTHPwHCEgLzAUq3bxsGyqEU30w_JBXV36NXRLzc5MvX9GYhf1Nc4E_rCaizsg66e7QvAVk9_8w3XXtUMYqE2_6Lzl-5qfAP8s5pACgDbpYJ1ASD4p5JgJ3VmL_A9x8mTZh9JZMRyCZ3j_sJa_lBR6XeV61IYt1DQl0oxrVEF0XxxHWY1mGjcgXMC-j-VJvxOzR4bOOB14avTei7szh88TlWkhYZ2BV96tWyewzm8fCdwydxSFUEW1p7jcbXoEysLNs3iqwCMazdJx_4BA2cXIsRQwgLKxuwoFeBHzZoxvMPoJ4zdbyz2SNKSGIddnnPGTneWqkX7cNH8fGzhGCT3qzUfhCYktUy6ZY9_G1hjPzJ7ZcUD-StOEJI8AIrdktP30lDBZw0jMduQ1R_DR9C9FGW-sVB83G1VojGfRrZEqeCgSlSKBJ3l3AWL-GEMHXBHeDkCM5EXdw5ppWGyFnFte7CMNNz1iGIqHrwXV6rgXZTnt5qzvZhjA1JCR3mY29lvqybU6Oegu5T-So1XYpTI9h-g9VcAyFRO-fWzpTGuWUa9zMGAm8lBoafeVWHKtufyvRk7mv84PdnaLpMTPit7jbazIAbaJA6-1tbzGx3v_Ptqu1JAjcfG7BjzugZrEiwm_79ebUXaZ9mwifnhuT6FeReB_rXM8hUbafgkyIDTz0Glo80CIECpTnR4YiAymXMRDGzTbOnZ_wCfP1YeJbEFt8I_v6mHStI5FjJurngVPpVUM1ab76YkENm8g8YoUjJPiaJuZdU3QLRY61r6wpZWSah5lBPEkLPxt1kEEK103TVIBroKCflrauM1h-qksFvgQmhPeDAGT9lusSfTNXJgfRELcAL_T_cimwVM4nQcLubA_fFy8U-iOvjgUDUsosdV8ntbKtSrxtvnkbD8UHEsAUnFiKJK7vjKyNC3AjI275TyR3WWw9EI0vwN2d8J0P4aQ35yxVNtVs8X1tFtFEN2E-HzniOcQVYG-vb81h6DOqbnjRwae1nEf3Y3shqiJ6tQij2drOU-r5YZZ4Nzxbwd_egp7YExicqlxcyYxuMily9muKjmnqM2oF7IkC0S4CFJRdUHpT9PK-omOB-3hS8nz1sY3W95BBuCIUfIY3PPbu8Jt2UkHPLj0c4jzqRNcw0HBWWebzJGGHYN6frC7CWgJwYAgGh1NIdoEg2i1qx8elRffQookOvz2boAeIGMKYEANjh649VB5FRv1aYGlfwfk-cZrZL4ZvwHUO-QxRBZR0QakfgV-Ewr6LNhmOiW8WAJ6PD0vwiXhcruTmiAuN_hso98nAr5PqIKaSu_3dhz7GYJpLYU56uTIJ39dGj_CGTQO9FDxuWQkuzozBB-4qNmabAHOEW1zHrxThiHQuihTklUukZ--CIReEQfspr0JL66HGIo882NEpUZTMj2a4R7Gbgvyouu7fVuG-l2-Uvig4j2KtIIgHp_L_7WUrbJDSJsQRCayVDEgihFOYgYX9eUwNRttlPufAQn5gifHBiTEhjCy8Imlq9NKZ9GtUpRnrplxm8xG_o1uaSY8h1q_zcn3U96uNjJfkWPeGpMNhr8sCi2L1Lzx6EDlZyJqToZTZwLezi0aTXs-tnwYaHVZ03jYZ8xdmk3jOtAmQ6r02PfHtJzULn3qfSyRUkNYGxN2mB8TBWjxirU3OK8gzFCWutludR2yezwtdsu7bX9ovRJy86ViUF6AMxIqTiLIxj0Uqe-cAl-E0PinVxGEWfV4mHelmJ21NRmLaKgFmIxghkzHGSjtopdEB4RH3ln9agaomZAoC7wLb1xmtEh-5RGwfmcKZo4CSod26q4KWTp5sx-4qIYp9H65ePdYVwymob2a5HJLszUrfajJoRyh-TwcbM-M1EQahvpsOKxJvm7uEXxsejgVeGySqQsPs-RA8BXmaR0TgtdCaZdHitZAAgNUBDLMYkZIGhkjEMszD5gsec-kzrJUKNCfnPFzEKCgSw_sMvEcLGWAiOynu4JLwAJNnkKTSYBZkS1Ovn2TnAr_Yy8NtvdIkMt_WvGDbVzsvN90Ez9ZVEZsfnQvF8su4CaKn7MOOQr6ri29Im3eVOUZVDYCC7sUDnkMaN5QKcILEe1V2k_eDK3fSNZMLLFa15Lu1Ke2UJDj3dJDSJa5TPPjiVV7C7UiHDzMWT1tta9jvew2yGAPhuxdsoIe-R1cwMGUIfyJKUpLwK6uVog3fvITI_LpRk0qxH3fVmtAwIpHe69ZNuiucXkieNgCl-XpAQ8CuoGkfDw2CMeu7IDwgnmXq4lTS-nU6UFvx9CLre-WmKaPMS0fpFHbBRDfmunUUmdn2MBAVK7tAyCbg3gUnf4AYif25BDZi4FsyFa1Qg1UfOv5-sj1OmwzCNnta5jSnicB_5-nD4m1pUq44GT9ny5mW1WMNTFph7D705uTzkBZgdawhvARO01n5cLwvyZTzH2RotMuxKEA-C4OTBpyNWv7lb_8OhlO4mDeW-tlmB8Tsx1Aap754O-3mulrKjH7XHXGhr2p4BlH6tkqE80r0gNwZzOA7ti5lxmZWBLYefNYjmziPRX7Fmjza3YB6vcbBVHLgK2LpY__6BzgUCbGr6lwacLSGkvyhOM5bdPuN5hO0W-2_Lqoulh31z_savTqZvNjVEFCbDlLXQK6lBtOVIY2m0DB-oBJyQdLR8RN4lwql4vuVNNOwKxm8JM4gR2lmMSnf4eHHKNqOdBOW7GzEiVVWlh9wrDXszm11zZxRYpQAj5IAZgfOmMb6Ulc8YejdVIF-5ryujEiisqrHuWT4WeVxCBsRMkrf5QVSNs6h6riaYJLnW7NVDIjM175vEBwb-YJnbbvn9nzn-vRiaMrQGWyuNfRwwtu1mh6j4LaMt9Y6WOjJ51mG-0CSwuyKovdof08Wes1zy5kBkAZld0tmvjht9w3-oLY-CFwZOQeQVSXKEaY-qHqWNGb8d1xktOMamnZrdsqKw1tjuJZTmsdraEwYcKCiXvFu-4hqf7ZCQ8yTaZbDdYI-mftwyK93yoWvv_WKQlOxLppnxQXEHa8fcdZKY2tUpQJRGjglKhiiraNjLm6nDFESJ9nFOgu08FPLHQMXU07IrZgDdCDS8Dl_esLn7qWbOahMUuM1A9o_F729k53KwzRGNtc7K6sej2Fr7pMaujj7Z02uRHj2Po5EwENwQ3UYHPqqgyVlppWs6m4pqT-jiMZm8YY9ijrNm3Y1KsHjWmB_EqxT42wNGXhGMQAcGIXImPwt5tOwEty9obj1V6YmQmsNrPCSi6PiIOVZV9oMonjZ4KAfiGTHWwHRY88qUKPSx9Xhhp9ivBMpr3DexHCNzwKWsyxCmPMorYmcnncOHeCWaBDgJ8Mnvjwj8TBgZa9zu0sxqdySyADg2GDtwen6S658xDoUONHHK8SfGz1qWhfTpYI&cid=CAQSPABygQiDmQHTnJ5WR8X5r9WcWTbV6KC2i04R5uM63T_F3vdvXCxOtuL9sfX2pOfk5vQzAVqYlXAN3XnmABgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=11567283318108213000&adk=2004672170&idt=144&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10880
x-xss-protection
0
server
cafe
etag
12570010719352825067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 18:03:21 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
252bf3b7618a059de5c196c5c614f5115f962059665a60465cd261c0c98aef59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:31 GMT
Last-Modified
Sun, 07 May 2023 15:15:28 GMT
Server
amazon
ETag
"6457c090-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:30 GMT
160x600.html
s0.2mdn.net/sadbundle/7271251920253500791/ Frame 2E03
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0233199bd98bf9914246d6facb8dcd93faabaae3428063c5f3abf196c54cf24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
112512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2330
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 08:00:19 GMT
expires
Sun, 05 May 2024 08:00:19 GMT
last-modified
Fri, 20 Jan 2023 22:06:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 72E3
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdIJDPbfBEoWsZHkq1fkyyFhyBuPr2X28EQ00-fKuCuoAoK0SlVXFrBtjua-ovkmrRGNJ11CKaCPZht76MFJtVcsDbya9LWvVVUrwT3YG6vPvL8RMmbWKfvWJdgLO9TOZTxfljnKGXqMAusWBduOucBRpe4pOvsYLukCDRgoCLrMWcSyK1NwOfV1Oxm3GY_-Y3pdibT1MUj9IoO-eScgVufQTN4Az2WTGjrju__812-eHbofCpySRohHOmugrwu0gZyMaXUJE8G174GdBcY1h5Mv0oh1EDcIojQ7hpFhOoJHUj586kfj0Ol3ST7uqcYkHwIhtHPHxpV6cdCIvWurqq50b_aVUe_wO79L0vaUmjGtqax4CNKeITgX3eLMlGajC1DZgXpff80T8D110HjESG9T7ZpM9PH8mtRAci3-t1fbmJiqGBbD0Ag5arzr3zKwdHvbvcPv50J9q-e--K-uliyLxwEPLezZxHw3ZWDS7Pr-ZgFZ4MLVjhtqdZSSMQp_AdTE0mx2E12B0--qnEy9ca9oixMek_M5Yq4XNlCOzlipqBq2mL86AtUpF5vMPLtiv8ObZYD0kig0SkOGTH53CSMZvhawUGCtvAf2cuNWc5hj3TtoMeb0vxGbgeFUcNTOm1dG3eU4TJ8YRnHdMXe2oCuSX7pzrt3Y4pM6ttqgqGB7WMOw1sexwn15xBHb__8sS43h1m0PZPNuW9hMpp2b0KRvbeqQf_eFfuY9bC_IqB6-dlaRWe-kXaTkShbL1lYPEmIHPJP_q75yLnee-TbKDtSRVyz-CrGNMnbZZdFpkI7kVjtnhVgYRgGhLxvEtDxpjdywx9KgJq0C0gUS-7NuBjNrzlAkdWTxNTkiyH50Zb78pYZ8nHNd2KsJmTFhfPtK5RqE2g3lU_Yo2BUNnfVqwH-j-mnSLJBx99ARk0N39lxqx80bkgW9n14c_Nv0-4HrApB59J8sgr21TnjZdSUIieObsvpFfBP5hSbPh09vpgmdB_YvNlcMvZyJHQWYJtMg1O6GdrN8x2LVjJdXUYpjDmo6muBGdVPm-bH42xY1T6XZiAgcq1XM7aLEtmc6TNSxFji6cBU_yL8wFcuDzVz5mJYGTcedjJTi92vkTq-btn0dsY1H8Qdw5iQBbZYMNrT8WIQapKTltqkzutbyYWxW2t2zJSdEM6wmj2gEzzGmQW2OMX_P7xs3hJNYpm7V_1y9OsWtLvPvUf5i09kpkWlTRFuo_myVBXVZ0&sai=AMfl-YTrEecv_VkE7Y5ERCRd9UWS2HnsCy4z_fW-qGE50CopFdIgFOer4pPNwm7m4DSKasXUGBJ3JldvnJrCIuCLidIjZbe56Lcg9n_wRf43J8z2XYLingANHp2XYszkU-xLDeIYS5H6aSHLfFHZ8P8tifoHPcEXlJ8oVzjdIJGkDqBlb301CoVPKnG-vEwoMZrj63qB2n2_QBxg-ctQzlh43LJcTO7-GiglAcVSu0pbRbHymemzbxEl3WJx_SYuAddKwEr_QAU&sig=Cg0ArKJSzCJk2HBNKj8qEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&cbvp=1&cstd=339&cisv=r20230502.48131&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 15:15:31 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 07 May 2023 15:15:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 72E3
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D73
1 KB
645 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72906
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Sun, 07 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 72E3
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d06dd55357fdd3732d7cc08042ad4f8221a9fd222e988b516a250d4103ac34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
createjs.min.js
code.createjs.com/1.0.0/ Frame 2E03
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:31 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Sun, 07 May 2023 15:30:31 GMT
160x600.js
s0.2mdn.net/sadbundle/7271251920253500791/ Frame 2E03
44 KB
9 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ccb235bb3681d17386e66f151e28710f894e7cc00cfc1a4e875db00593bc2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 19:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157395
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9502
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 22:06:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 19:32:16 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1122
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122076
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 3D73
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFo0gMZmbG_aqMvg9g1l6n0&google_cver=1&google_push=ATf1kGM_K-qIgOQrnqn6DC-pnGOca_e2yBeISsN0hvPHBp7xGgQYh_zy6b54O3gA0lI5DjV6DEiFfaeWGuwpD_ZoKETtyL2TthpYKw
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 3D73
43 B
420 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESELx9xcUVWaQRbuyFaGq6iA8&google_cver=1&google_push=ATf1kGNaOoHoWFQry6tkuoSK-PDCqbYwHt_7d5vuj70AJJHbGTiP7MNlAdzBJzHMq1iqobKaZX8IZuh9xhJRCVwDjH7g0XF6FfIyCA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNaOoHoWFQry6tkuoSK-PDCqbYwHt_7d5vuj70AJJHbGTiP7MNlAdzBJzHMq1iqobKaZX8IZuh9xhJRCVwDjH7g0XF6FfIyCA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c3a6b3b2aa42c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D73
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG1ViJXqvKPcoEQyjP7I-9M&google_cver=1&google_push=ATf1kGMHR4abukseV8bAWqMF93TS98wo8pEZ5AccIaU7nyRFGXamrzbUBBnNw8KDGknhQCStp0RPrPGYrXRr5E...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDQ1OTQ2NDM4NDMxMzQ4NA%3D%3D&google_push=ATf1kGMHR4abukseV8bAWqMF93TS98wo8pEZ5AccIaU7nyRFGXamrzbUBBnNw8KDGknhQCStp0RPrPGYrXRr5Es33c...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDQ1OTQ2NDM4NDMxMzQ4NA%3D%3D&google_push=ATf1kGMHR4abukseV8bAWqMF93TS98wo8pEZ5AccIaU7nyRFGXamrzbUBBnNw8KDGknhQCStp0RPrPGYrXRr5Es33ccoUe-Fn3O75A
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDQ1OTQ2NDM4NDMxMzQ4NA%3D%3D&google_push=ATf1kGMHR4abukseV8bAWqMF93TS98wo8pEZ5AccIaU7nyRFGXamrzbUBBnNw8KDGknhQCStp0RPrPGYrXRr5Es33ccoUe-Fn3O75A
Date
Sun, 07 May 2023 15:15:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 3D73
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMGtf17Sb2mAY615sLgBLho&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMGtf17Sb2mAY615sLgBLho&google_hm=ZFfAjoiH5EY1_Mh6-yYiOwAADLYAAAAB&google_nid=index&google_push=ATf1kGO4jP9dq_949OJWvpt4PRc-kFOSU6vYO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMGtf17Sb2mAY615sLgBLho&google_hm=ZFfAjoiH5EY1_Mh6-yYiOwAADLYAAAAB&google_nid=index&google_push=ATf1kGO4jP9dq_949OJWvpt4PRc-kFOSU6vYOxjudaZGZIW_FzmRR8-0XXrV9SHYBeZTn3o99Rw3qzONEXpYiS3JwKFn5QRJodEtRg
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 May 2023 15:15:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMGtf17Sb2mAY615sLgBLho&google_hm=ZFfAjoiH5EY1_Mh6-yYiOwAADLYAAAAB&google_nid=index&google_push=ATf1kGO4jP9dq_949OJWvpt4PRc-kFOSU6vYOxjudaZGZIW_FzmRR8-0XXrV9SHYBeZTn3o99Rw3qzONEXpYiS3JwKFn5QRJodEtRg
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3D73
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-81c75305-7c68-4154-8f81-e1734163eacb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMxJUXvLLWthzO8uYDvE...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ&google_hm=A4HHUwV8aEFUj4Hhc0Fj6ss
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ&google_hm=A4HHUwV8aEFUj4Hhc0Fj6ss
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMxJUXvLLWthzO8uYDvENfrggPr526zos_IzvYh9xY_6ZITxLLrUimigvKMmgX8dGYZPa64KSRMy0efHn-Q0VVIyS3m7Yc_IQ&google_hm=A4HHUwV8aEFUj4Hhc0Fj6ss
date
Sun, 07 May 2023 15:15:31 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX81c753057c6841548f81e1734163eacb003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 3D73
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFLIVKh1Ct0tii3KVcKcLbE&google_cver=1&google_push=ATf1kGMMrsUd4vHY1BTX5Erj15thww7g9rONVhMBveU7G-HzMS59Yln8MT04jgpAwSq12LM0vIoLbJ7EUpbU_kvYGH4QkGxBxV...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMMrsUd4vHY1BTX5Erj15thww7g9rONVhMBveU7G-HzMS59Yln8...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMMrsUd4vHY1BTX5Erj15thww7g9rONVhMBveU7G-HzMS59Yln8MT04jgpAwSq12LM0vIoLbJ7EUpbU_kvYGH4QkGxBxVQJZg
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc2NzE5MTQ1ODQ4MzcyNTM0OTMyMA%3D%3D&google_push=ATf1kGMMrsUd4vHY1BTX5Erj15thww7g9rONVhMBveU7G-HzMS59Yln8MT04jgpAwSq12LM0vIoLbJ7EUpbU_kvYGH4QkGxBxVQJZg
date
Sun, 07 May 2023 15:15:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 3D73
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOm2nPimkd3hHqolb9nRcDY&google_cver=1&google_push=ATf1kGNrEaWRc4PVo4FCeDCOPjal6LRCgQc0u5JHQyPwV283S20BLdZzvc8-Y32xzK4Umx9wka...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uV0dfNjhWRTJ1RnMyNUZBUlhMX0R5R1B1eHJzOWVFWH5B&google_push=ATf1kGNrEaWRc4PVo4FCeDCOPjal6LRCgQc0u5JHQyPwV283S20BLdZzv...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uV0dfNjhWRTJ1RnMyNUZBUlhMX0R5R1B1eHJzOWVFWH5B&google_push=ATf1kGNrEaWRc4PVo4FCeDCOPjal6LRCgQc0u5JHQyPwV283S20BLdZzvc8-Y32xzK4Umx9wkayEs6oST4itX-Sj2gke8-ih3ZCtayY
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uV0dfNjhWRTJ1RnMyNUZBUlhMX0R5R1B1eHJzOWVFWH5B&google_push=ATf1kGNrEaWRc4PVo4FCeDCOPjal6LRCgQc0u5JHQyPwV283S20BLdZzvc8-Y32xzK4Umx9wkayEs6oST4itX-Sj2gke8-ih3ZCtayY
date
Sun, 07 May 2023 15:15:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 3D73
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFzLP3yZ9uRLHj4I0PzILR2_jeWEdoeDMxW0L_qjQdDYQuEVYoc6K-nxJj9ceMPPeiURf-lA
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
160x600_atlas_1.png
s0.2mdn.net/sadbundle/7271251920253500791/images/ Frame 2E03
55 KB
55 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/7271251920253500791/images/160x600_atlas_1.png
Requested by
Host: 569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
URL: https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4aa47a70e5ae5b1c9673fe5c2c376ba1c33e9b8fe6912bce135ea5043b76ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7271251920253500791/160x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:17:55 GMT
x-content-type-options
nosniff
age
79056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56597
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 22:06:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 17:17:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 72E3
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdIJDPbfBEoWsZHkq1fkyyFhyBuPr2X28EQ00-fKuCuoAoK0SlVXFrBtjua-ovkmrRGNJ11CKaCPZht76MFJtVcsDbya9LWvVVUrwT3YG6vPvL8RMmbWKfvWJdgLO9TOZTxfljnKGXqMAusWBduOucBRpe4pOvsYLukCDRgoCLrMWcSyK1NwOfV1Oxm3GY_-Y3pdibT1MUj9IoO-eScgVufQTN4Az2WTGjrju__812-eHbofCpySRohHOmugrwu0gZyMaXUJE8G174GdBcY1h5Mv0oh1EDcIojQ7hpFhOoJHUj586kfj0Ol3ST7uqcYkHwIhtHPHxpV6cdCIvWurqq50b_aVUe_wO79L0vaUmjGtqax4CNKeITgX3eLMlGajC1DZgXpff80T8D110HjESG9T7ZpM9PH8mtRAci3-t1fbmJiqGBbD0Ag5arzr3zKwdHvbvcPv50J9q-e--K-uliyLxwEPLezZxHw3ZWDS7Pr-ZgFZ4MLVjhtqdZSSMQp_AdTE0mx2E12B0--qnEy9ca9oixMek_M5Yq4XNlCOzlipqBq2mL86AtUpF5vMPLtiv8ObZYD0kig0SkOGTH53CSMZvhawUGCtvAf2cuNWc5hj3TtoMeb0vxGbgeFUcNTOm1dG3eU4TJ8YRnHdMXe2oCuSX7pzrt3Y4pM6ttqgqGB7WMOw1sexwn15xBHb__8sS43h1m0PZPNuW9hMpp2b0KRvbeqQf_eFfuY9bC_IqB6-dlaRWe-kXaTkShbL1lYPEmIHPJP_q75yLnee-TbKDtSRVyz-CrGNMnbZZdFpkI7kVjtnhVgYRgGhLxvEtDxpjdywx9KgJq0C0gUS-7NuBjNrzlAkdWTxNTkiyH50Zb78pYZ8nHNd2KsJmTFhfPtK5RqE2g3lU_Yo2BUNnfVqwH-j-mnSLJBx99ARk0N39lxqx80bkgW9n14c_Nv0-4HrApB59J8sgr21TnjZdSUIieObsvpFfBP5hSbPh09vpgmdB_YvNlcMvZyJHQWYJtMg1O6GdrN8x2LVjJdXUYpjDmo6muBGdVPm-bH42xY1T6XZiAgcq1XM7aLEtmc6TNSxFji6cBU_yL8wFcuDzVz5mJYGTcedjJTi92vkTq-btn0dsY1H8Qdw5iQBbZYMNrT8WIQapKTltqkzutbyYWxW2t2zJSdEM6wmj2gEzzGmQW2OMX_P7xs3hJNYpm7V_1y9OsWtLvPvUf5i09kpkWlTRFuo_myVBXVZ0&sai=AMfl-YTrEecv_VkE7Y5ERCRd9UWS2HnsCy4z_fW-qGE50CopFdIgFOer4pPNwm7m4DSKasXUGBJ3JldvnJrCIuCLidIjZbe56Lcg9n_wRf43J8z2XYLingANHp2XYszkU-xLDeIYS5H6aSHLfFHZ8P8tifoHPcEXlJ8oVzjdIJGkDqBlb301CoVPKnG-vEwoMZrj63qB2n2_QBxg-ctQzlh43LJcTO7-GiglAcVSu0pbRbHymemzbxEl3WJx_SYuAddKwEr_QAU&sig=Cg0ArKJSzCJk2HBNKj8qEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=478&vt=11&dtpt=137&dett=3&cstd=339&cisv=r20230502.48131&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:15:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 15:15:31 GMT
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 1122
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14616
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 10:31:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1122
0
25 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs5Cpk8BXZOW6CsGlx_APjtaP-AMAAAAAOAHgBAI&bg=!_P-l_6vNAAYV_mUANf47ADkAdvg8WtdBJnu4cdQlbS7PWVPVBHoNrtQGJnYj1-VPzneKTmGXr2vntdp-foc9AOl7zSs0T9rOp_UCAAAAkFIAAAADaAEHmQMwfbrpn9e2IHOXJyF8thnz6clpSL4KqnhE5BJNSPgeGX-GPbFXiH8JbHXfMOPqSP5VH6miPTfxvYEQ9KIMOzBGspmEJnv7kADz2Y7_Nxaruoh5tOOK1_jMnStWw_8jVTnPObQYmiNyOoVaW6FsPzyP6sTQ9s05LsT9dUjJvaS6LqDkEuwaV2KzdcEW2WIv0srUiGhSrDHcd2tV4B-Hwalfp5pOFRB9w3ZD5U_IjT0V4ZMHNrsLMCUaO41oNaw1RC0sesJi1_CV9RIBnN6aa_hxAYpOjLkQRfi6_l8gZ1CzZlFUGLjJX6hEqFEG7f6Lnl4-NChRSYmrp0kTplwZ8qG_0UtmYGO45ZJDBCDqjKHPjSMARXNgdIAxpf3VInTX0Aobv4uFrr72F4iAIQEeesYS2izngdlMK53ppR-zibKyLxCGQiWbo7Y5EVSfUP3D82x4u1O9lMMq-AzBBXs7oSNNO_CohqW2UqOBcbnTB7gqTHMiLA-FE9zWhk5ENjagDHhmQdjF1hJGy-vlyC0fr9VTA32tzxsnnAbHwio2X51cMeshrxHzPOZyx32OspyEfdIMPQXD4l3Ve4wbwpcGql0DjwLU5Oo4mAUEh2VJw3Y0aq-PGBZNI1uTK0lMhQyvzEWTHS8seebBSS7BEJ05XEEHOnwGMXrGdibtFJ6dVggshUhjS0vAschCZnmOlttjwySZ1dfutEtqGYpqyKcyoMCf3lFaFVmmPVLimvt2V53fw3HZpMKUfwY5oPaOKnAwKqnuIbmfkruuZdh6s4pe62z06wfG3py7QnR3cRyZT2135Cq6Y9QssJAozR8u8gKl6kApOyLKpGVb9fujoEDTybdIg0UtpV-9Fr72NLhjzcaM8VAUzjLExzQh-JNLANkSlxWa9t-Fio5RPqAu3Xmt71_XhAM2hmjwGdj0KBToHVEsBUDqE_Mg3fsx_i9WPRyFoH28QdpKMuvKcNyJKkX8x5SlJaYOu8MpCBXw97C93EzPEepDS82bSMTs6OgKL_ndt98Wc1PDLb-dfz0AFaP_VHE7y0R3KQXuyEzX2q-7VSkafPxV-7oyeSybCz6xWM-nk74v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/
0
226 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19484/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Sun, 07 May 2023 15:15:31 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
activeview
pagead2.googlesyndication.com/pcs/ Frame 72E3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFt4C8FcJOgWd_j5w4607BN861uowFegqXMH14qDCsE0WXNS8fSuHvSREvnT1g026JCh5cbKtRrO0EpUFN-scaM2ZU4o_FmQ1_uwTQ-HIZHI4J9zvgSrpDwW2Zr-H0vtscSPf-gA&sai=AMfl-YQoWEBfbMFiU0s5lt3n6ArHreNkFMWZfkvHn9Pesn4EsegsjnRvX1uc4G9io4kPjHGUlKoKsNiFVPP-q8vFF8-wt0KpekzPrCpVsXlDlLbCcMSe6ZSf6kGAG495&sig=Cg0ArKJSzBz1OCXTfDdSEAE&cid=CAQSPABygQiDmQHTnJ5WR8X5r9WcWTbV6KC2i04R5uM63T_F3vdvXCxOtuL9sfX2pOfk5vQzAVqYlXAN3XnmABgB&id=lidar2&mcvt=1000&p=310,0,910,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3972335646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683472530958&rpt=696&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72E3
0
25 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6252600634413&version=m202301230201&ct=76&x=1&cor=11567283318108213000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
252bf3b7618a059de5c196c5c614f5115f962059665a60465cd261c0c98aef59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:33 GMT
Last-Modified
Sun, 07 May 2023 15:15:28 GMT
Server
amazon
ETag
"6457c090-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:32 GMT
dt
dt.adsafeprotected.com/ Frame 4EAB
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=cead81d1-85cc-ee06-54e2-42282597fd5e&tv=%7Bc:bWsIIL,pingTime:5,time:7146,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:2143%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:2143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2133~0,1~100%5D,as:%5B2134~970.250%5D%7D%7D,%7Bsl:i,t:2143,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~100%5D,as:%5B5003~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:192,fm:tDAj9QV+11%7C121%7C131*.1352960-70223937%7C1311%7C14%7C15%7C16%7C17%7C18%7C19,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sis:693%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 15:15:33 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
252bf3b7618a059de5c196c5c614f5115f962059665a60465cd261c0c98aef59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:33 GMT
Last-Modified
Sun, 07 May 2023 15:15:28 GMT
Server
amazon
ETag
"6457c090-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:32 GMT
fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/8877380214956653405/media/ Frame 6FA0
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8877380214956653405/media/fb2405b160d35da2c54812c244ca11bc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/8d07b282c8e661b71feb1e048005bbde.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8877380214956653405/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2357
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:41:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 17:36:15 GMT
css
fonts.googleapis.com/ Frame 6FA0
2 KB
571 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8877380214956653405/8d07b282c8e661b71feb1e048005bbde.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 15:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 14:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 15:15:34 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6FA0
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 16:38:09 GMT
x-content-type-options
nosniff
age
427045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 16:38:09 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
9f18b6dfc8a36f54ca7f4ada03a886e00bbf328418a27621cc010b0f2f1f7a6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:35 GMT
Last-Modified
Sun, 07 May 2023 15:15:32 GMT
Server
amazon
ETag
"6457c094-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:34 GMT
diwan_1.m3u8
a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/ Frame 44B4
354 B
852 B
XHR
General
Full URL
https://a6.koora.cloud/watch/fjNR0Viq65EA992a05QifQ/1683475872/1683476126/1/diwan_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
9f18b6dfc8a36f54ca7f4ada03a886e00bbf328418a27621cc010b0f2f1f7a6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 15:15:35 GMT
Last-Modified
Sun, 07 May 2023 15:15:32 GMT
Server
amazon
ETag
"6457c094-162"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Expires
Sun, 07 May 2023 15:15:34 GMT

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS object| demandSupply object| googletag object| wg object| dspbjs string| demandSupplyFS object| _app object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| currentUrl string| mainURL function| _0x480a function| _0x47df function| decrypt function| $ function| jQuery function| removeCustomBanner undefined| customBannerCountdownInterval number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 object| aniplayerPos function| rdmode function| HqyLazyload function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo string| GoogleAnalyticsObject function| ga function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| com function| _avcp object| GoogleGcLKhOms function| setImmediate function| clearImmediate object| pbjs object| signal_decrypted object| vmpbjsChunk object| ADAGIO object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| gaplugins object| gaData object| sas object| apntag object| _ADAGIO object| ONFOCUS object| google_image_requests

50 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: 1cc3cf29-a297-4e03-a814-57797b2c03ce
.demand.supply/ Name: __cf_bm
Value: _S8mgncmX48pYMgJSJNfVTPdwa51KhEXEwdo1fE6F7Y-1683472525-0-AfHyLyFKhdU/qjTqUb423GkFII28EtxSWW8pzUUN3kTmV6ZUUfXcYTtxS8S8fG6GOBofs99ghiZmSA0+KyLQYAw=
.yalla-shoots.tv/ Name: __gads
Value: ID=df2c38a3ee93e4f2:T=1683472525:S=ALNI_Mbd4-j20NffrJhlPmgNbLOlrhTtUQ
.yalla-shoots.tv/ Name: __gpi
Value: UID=00000c11bb0d2cca:T=1683472525:RT=1683472525:S=ALNI_MatPSJVnEcFrpY1wRIWAlFYygYWKg
.doubleclick.net/ Name: IDE
Value: AHWqTUkMtyJCY_weiBawJj02x1uSFeYhC3qPJ12CitsrtrTEY37Zfnjz_eouo3rd
.casalemedia.com/ Name: CMID
Value: ZFfAjoiH5EY1-Mh6.yYiOwAA
.casalemedia.com/ Name: CMPS
Value: 3254
.casalemedia.com/ Name: CMPRO
Value: 3254
.yalla-shoots.tv/ Name: _ga
Value: GA1.2.1104036331.1683472525
.yalla-shoots.tv/ Name: _gid
Value: GA1.2.1033765419.1683472526
.adnxs.com/ Name: uuid2
Value: 5779545863332724555
.yalla-shoots.tv/ Name: _gat_gtag_UA_230085360_1
Value: 1
.criteo.com/ Name: uid
Value: bcd96ff4-ef5d-49f2-be2b-ca9e1001ca0d
yalla-shoots.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yalla-shoots.tv/ Name: _pubcid
Value: 0fdeab9f-fe1c-4c99-9d60-2056b6122e8a
.adform.net/ Name: C
Value: 1
m.exactag.com/ Name: exactag_new_gk
Value: eaddb67c590d477dbfb90474ee9f4057%7c06.07.2023+15%3a15%3a26
m.exactag.com/ Name: exactag_new_uk
Value: 8d1bdc1fa5e849828610932f35f764be%7c
m.exactag.com/ Name: session_session
Value: 591e41833a83422a9bc8b8f5
.yalla-shoots.tv/ Name: cto_bundle
Value: kbNOLF9HWmdjTjlOZ2N4cnE5TnF3ZGRqaE1sczBOSmk4N0FaaWpYMDFoR0tseUxQMXVLZzA2Zm1vSjZoMjhHeWFwbnJMU3JTOThkJTJGejQzYWhEbnV1U3JSJTJCZ214VWpwOTJaeiUyRnZlSSUyQjVYVUZDWjgyY01GSE1WbCUyRiUyRkRaZnZJSFNtcW85eWczTnB1eENLMVZqblVhWCUyQkxSOXYyQSUzRCUzRA
.adform.net/ Name: uid
Value: 5666259723782819602
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%7G$?h2!A#G..TOKKnyW<U1`VROYQM-:ZgwgFIQh_P:X$sH_d)rNHkXL3?8CM/o<HHd(j#iP(Md+>)fy)W<28?1
.lijit.com/ Name: ljt_reader
Value: GmzTvBZHRKCmRo8vToSW0yzh
match.sharethrough.com/ Name: AWSALBCORS
Value: rF7HvN73tidDC/UqwJEDkqOJdswbLnxFXdH+t4YSQgE4YZM9YKvDNH0513m1X0dtzsHvpZDwEevjCGXIvyYwQlqieIkCxqno6OKP1V8qKtKEN6NXk+NmozH/y9G3
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C8269736-4EC5-4658-A00E-D971386D5A21%22%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: e775d40c-8346-4b5e-818a-6d27d2bafd9e.452686528
.360yield.com/ Name: tuuid
Value: efd17b79-e76c-4c56-b9fe-769997edc659
.360yield.com/ Name: tuuid_lu
Value: 1683472528
.doubleclick.net/ Name: DSID
Value: NO_DATA
fksnk.com/ Name: AWSALBCORS
Value: WsdZznaN2zd5/gCHp5/+Bg3yEm63nEIKKHkzm610sU6PPpLPu9uOaOl5TxidGHg1ENre82CN0NBuZbGzH+Pen8AWKeTd5eP1GR8CnNEtFXBZlbYT3ycw2hOnUWbA
.fksnk.com/ Name: f_001
Value: 3C6126B3567FD8D1
.fksnk.com/ Name: g_001
Value: 1
.zemanta.com/ Name: zuid
Value: IsZibVYOmeoKbCmdgK2k
.3lift.com/ Name: tluid
Value: 3767191458483725349320
.mathtag.com/ Name: uuid
Value: e1dc6457-c091-4200-b36a-965bee365580
.mathtag.com/ Name: mt_mop
Value: 4:1683472529
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 25E89D58-9AB4-43E0-ACD4-9BE63433A453
.go.sonobi.com/ Name: HAPLB8S
Value: s8759|ZFfAl
.turn.com/ Name: uid
Value: 8512514174128482544
.bidswitch.net/ Name: tuuid
Value: e77d0735-1c9b-4836-8451-97c7da07e83b
.bidswitch.net/ Name: c
Value: 1683472529
.bidswitch.net/ Name: tuuid_lu
Value: 1683472529
.yahoo.com/ Name: A3
Value: d=AQABBJPAV2QCEBjwETkeUlgcZN9bioH8sQEFEgEBAQESWWRhZOANyiMA_eMAAA&S=AQAAAoFTdwVKrnw2aeWbbP9QJZk
.spotxchange.com/ Name: audience
Value: 019bd26f-ecea-11ed-8db5-1ac857eb0506
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~2bif:18yx~2bif"
.adfarm1.adition.com/ Name: UserID1
Value: 7230459464384313484
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81c75305-7c68-4154-8f81-e1734163eacb-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aEntmIRZdySbAIUMnYBhO3X8CnBel94cYsfaTSLiopoCLjoqtqpdUQumZbSJZcXBZacjcsBrPEabxuV0QiOKYbeoHB4Zb
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81c75305-7c68-4154-8f81-e1734163eacb-003%22%7D

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/(Line 412)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://dalbouh.xyz/api/matche?t=1683472524
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
javascript warning URL: https://yalla-shoots.tv/live/10836/1004997/es-sahel-vs-us-ben-guerdane/
Message:
The resource https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

569e07d9292d080cdd575758127d89ec.safeframe.googlesyndication.com
a.tribalfusion.com
a6.koora.cloud
ad.turn.com
adipolo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cdn-adipolo.urekamedia.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
dalbouh.xyz
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
feed.avplayer.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
invstatic101.creativecdn.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
live.shoot-yalla.tv
m.exactag.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aplhb.adipolo.com
player.avplayer.com
portal.o2online.de
prebid.a-mo.net
pro.ip-api.com
r.turn.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.flashtalking.com
securepubads.g.doubleclick.net
servt.modoro360.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tcheck.outbrainimg.com
tg.socdm.com
tg1.modoro360.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
us-u.openx.net
us.web3-lab.com
vast.doubleverify.com
web-api.scorarab.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yalla-shoots.tv
104.102.35.84
104.21.233.171
104.21.235.80
104.21.87.59
138.68.128.169
141.101.90.96
141.95.4.204
142.250.110.156
146.75.118.132
147.75.84.158
162.19.138.119
172.217.16.194
172.217.23.98
178.250.1.6
178.250.7.13
178.250.7.9
185.29.134.248
185.80.39.216
185.86.139.102
185.89.210.82
185.94.180.126
188.114.96.3
198.47.127.19
2.18.232.99
2.19.229.140
2.19.229.53
2001:678:cb4:bbbb::11
202.241.208.56
205.185.216.10
213.19.147.44
216.52.2.39
2600:1f18:1aca:4281:b5e2:6c36:c4c:a5a
2600:9000:211e:5a00:1b:5138:8a40:93a1
2600:9000:223f:a600:8:48e:53c0:93a1
2600:9000:2250:8000:a:e047:752:b361
2606:4700:10::ac43:266a
2606:4700:20::681a:8a9
2606:4700::6810:8516
2606:4700::6812:19ad
2606:4700::6812:372
2607:f8b0:4003:c0c::78
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::9
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::c
2a02:2638:d::d
2a02:26f0:3500:11::215:14cb
2a02:26f0:480:25::1726:6216
2a02:6ea0:c700::11
2a02:fa8:8806:16::1400
2a04:4e42::485
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.125.250.234
3.215.129.161
3.65.121.173
3.75.62.37
34.236.164.132
34.96.70.87
35.190.0.66
35.190.39.111
35.227.252.103
35.244.159.8
35.71.131.137
37.157.3.29
45.133.44.3
45.133.44.4
45.84.217.72
50.31.142.223
51.77.64.70
51.89.9.252
54.216.181.39
54.76.174.157
63.34.201.8
64.227.64.62
65.9.66.104
69.16.175.10
69.166.1.12
70.42.32.95
76.223.111.18
85.114.159.93
85.14.248.91
01056e75dae62da3f161e3f4f9d5bb7bd70af8e2eb82efb55b279b4875bd7869
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05166e50481d270feaee6c9725a26855a59edc80f329be85ac28208fd11999ea
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
079eb3088279daf62b3de4920bc38ddaba831b5747671e8af8651f6131857349
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
1061404d7efd9013a081f5b243ab1e54b49539e24ba2d9930e0346184002007d
11664752ac3ca2293971d6e68606738c5cfbd9e86edb3c4e73ad3ec113346b55
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13690075183f5c5e4f107e6cb08ced69e40a7f374851a375c5014d729dedae07
14015ca343a3c0f943525447873fdeaac6b61dface961338a738c97d78c37434
15e4ee9e35f217a593a5ad80bb14251e9e1269af0cd0f4d50b8e7977b15eafd7
161f37405c95a2723b85d1887658fbc3f7ea0e38242b85fa6bd3b96abb221933
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
190e70018335ddc27dcc7f82dda53c72e7bd9ea3b184f102eccb0e3352efc686
1aa95e94244543e909b23ee3975c0b4ded9cefe20557f99d6b823b6170886b7f
1b9b98146d7d4387b570a7b7044383506ce194da327f0849610dffcf231f823f
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e011a35ed2c4a688b3a6a0f8ca8800d090dd0a74264bb86c9d75f71a3b9d9f4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f868ce0919f7dcf803bd01b3c519a86c19fc4dd1808e33db1cb4094f3ba8c5d
21a9fae1cb648ca37f07b210ecaae52801830a7e0b29531b46d10f78095136ba
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
252bf3b7618a059de5c196c5c614f5115f962059665a60465cd261c0c98aef59
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27164e1cb46fab90b03221ab21ce5269dd8652547b44a84d6d34b85c8f0cd1c6
275ddb25f1464b1828528192fd8a168ff94a7cc3f9fc8f01b1a5fdaacfcc0e76
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
313b167644cd845c6ef23a4d34d5ea6672c2db69a89308cad8745030e6c45fb0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32644959e4ee6d1247e1dee18213a1318fcf8699e71a054505aac9de85817eb5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33234b315b571cac1f2e61f586894f6570d877233380a2bcaa8913189d866fcc
34fc5c918fda8d95cb209e35301babad9f25559cc2dfbdc59430da0f35d4c98c
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
36b808a258319847cbc8c3454e304bd3295ee377e65b30d8bf93903bd6a63f7d
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
37a657e0fdd7dc2c0c8992269314529a37a889a412893bde88e0df4764ae5ef4
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c316c29d33a0fef282f0b50aa72c9d1cd3a18a888f693d95852425b400abc19
3d013cc70447af1d8cc375d7ad4b638dd0847a8dd2f6cb7d2431ab72f92ddc10
4044e738ceea463cc0cad194bdc727ca986197dccdd34fb1b131d3d8af871c26
40cd1be0f1154397f4caa5a34de9b95512449416f3816543f96a2d7426d6efec
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47dca9375c710c5c1c5a0e5b68d08211393f151f5c1a61a47b3cee64ae29c73b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b164a7e8e1b32fcd54ea9d01d221c26a1fa03c865855dcf963ded6b79d3ed9b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9abec7fa4b1ba99969721335f13bda0b0e65cab5c1234a0cedea7183fcc610
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
53bc9a5f2381ef0d09e18771b7178b1bddbd47fc86a1202f74f9ccef186f54f8
53f6e4827153b22f45f2f2a6c50695e1eccd218ad81b3256e6cbc0c995fe3eff
5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5685bd8fe2ed7455aecd44ba1205f8bd3f62c9e6a27c9bde66abaecf4c1c57fa
56a505af5071efd1bb8d1f5fb6c6496819d9ca927bb72670a849a8425d83b550
56dbaab92e20e38ee3cff7853f6af50a636b5ab296763c1e479c857562006344
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
5865b49634471e52c9aed5ecb91ab81ad5b29472658ea9f3782bf6076545c409
59dec2944a255e7af6c299907b54df8fa8505437a95c203c6c5e2544e96c78e8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cd3504a24ce6e2f840e302c45977543f270c3ea392be16bc14311286ce4b845
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
5e37305c587caf07e99a08e1efd0749fd3bbbb855752e4d568ac2dbfc2025464
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
6111cdeaf5e942b759ba16f2f3cca5038f3d8eeab050846e4c2597042b67b6e6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ecccd34dc662e0f098d7aac79299f8b425c42abffa5eb59135f016eefe7c28
6343b2336c9da4ee9e84a73fc810a9270cdb4d46c94fe53b1e085b4ed9d83d8e
647b3409cb565a5915dc2735d987860de3e277a4914640f215137084ccfbd162
65c6d2a8e530ff087f4ad8d7602ee3dfa72d09e4aa0ee6c4f9f6dfaf69baf547
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
691886d3b7211700e0c02a155ee7a341a722309921e463a7f25c9fcbb13c5195
6a1cd70a874ffcda547806ce58e8f521f8ac064414e1c551e642a6ff500ec717
6b42229324a9712433f77c8d81c1cd78fcc75415bc310eef4c1b25200bcabefd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be762fe864f873157d12e6a7a4be396442a89cb338ef859517fe51c0346893a
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f072dba163631bf0536bd94e0e905652b1c0207d3e4afc614d7df6ac9baa192
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6f8ec4ca820be971405b7cc7eca1dce7b6954f332cef4a8532d07b9fa45bdb2a
7173080eb17b17fcd9de048237274e57b0ae3e3747d49754825aaec12c3a579d
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
76f809593cbc51dc07f7a38b10dba20bd0925e4799bc8d2f3ac981863211c240
7811f32bf6c63b896593295c2993b1f7473bddca1327eee9558557c888554046
7871265d48a73d823e56d6925815a3c296ca4a685ea8e7a65a4d2231bf235633
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7cf8eaab457cdee69f9810d5698f3da8f7ff4c7b1f1d8ff6d47b2707e4bbf27b
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d9feef3a877f598c1a21d0fdf48323ced534feb85473521803a1a62049ccd65
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81cb71b582099d5005c024dc50ca947a2757ec242fefa49b10bede9ca6d0c616
82338cc6f877e4ac9516ad68d4b497eb5d0c82040e45efff1e7310d3fe426ee3
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a343819c22e11973d398f67bfc8ab8fdffecfbd58e8a3e5db58928454b5a43
84097aa5b9ebc242eab92efdf5f7b4bac2452f720051b812cae7653ebabbf5f8
841992b410649482f85110789523e62a16e7e679001e274ee3686b264830fcea
869b6a48584a4a0de9bfeaf7b5601fcca2317abbd53ab5a206305ec48ecbf12d
8812b1db657ace17061e9b6686f4d5195d72797e52d8e1cc8555bf6b2b268765
8ad40f41b4eee0a804fadbc37180dda63cd5090c32e5fafeda8b908f007cbda6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e37dae72e91a27f7866e06f4d879543f0691f90d06975c7736e84c15af10eec
8f0228f3e6dff872207a7425de20b73380f44bd4439d50a465d39fda65c87bac
8f1f98a399c2114b16df6c438ea674306aae62affbf7d315201d228a85a7eb11
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
8f5389ee6c23764f5f70faabd4034a080a81b890617b6cf227def4ffb797e558
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
953f551a1408b3329e924122a22d7bfe61938289342594ebacc0be21745daf5a
956962ed171558544464dcefc35d45b2c0ee677b4db2fce74962e2c16a141c72
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9888bb84d5141cdd58edc42da28eef87beaba438117339a770545d116b0417d8
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c82aa8a9663debdb09913ac5697565bf429cf25d4434366fa73826215c67add
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9e5368cc004804ca3929064283c4a3637a738f398331a7fd6bd44a97f0d0c2c9
9f18b6dfc8a36f54ca7f4ada03a886e00bbf328418a27621cc010b0f2f1f7a6b
9fcd98d7dae83ae84722355163af5e5567f936a2b51c547697d34bafb2501ad7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0bc7613aaa734a8f4b8cbf1528d91219465d910871029b138ddf15c27e711b9
a0d06dd55357fdd3732d7cc08042ad4f8221a9fd222e988b516a250d4103ac34
a204c245000c3ba978acb089ca42485a40f67e79b4f4ff497531642f14343580
a241bc01e849b11d05bb225493da496db735e76db3d7f12328cb540aa3150f3d
a2ec9b7ff4e35b6c1b8a9f4ade556b03d5fa2678e5c08aa9798a4015ba6080d4
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aa47a70e5ae5b1c9673fe5c2c376ba1c33e9b8fe6912bce135ea5043b76ace
a4e4f946abcdaf4191b0fbdf68d786b520971b642ac34a4446b17ca6fafd87f9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa6105a8b1d78516e495f2761f4d1b1c202a7a56e6250756a20741d578824f06
ab6b1c9777228aa7ad49641cf3b11dc7b5ed48f45e4d1bcea4fb02f29fa35385
abbf132198a1c210793bae33899bb41f6b212025872d9c4f143a9cbba26e7739
ad06032486df2e74fa9c4b8b590fe15d36e9c5cff05ba0126f7dafe2a0ebb16f
ae8ad44c4478f1031b6f0b97cac92269fb02bf70d6077fafb8f0c1a8f49a43af
af2c42756201e955ac3c7134b99df4665ba36f14f39377f993665248bb60f55d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0233199bd98bf9914246d6facb8dcd93faabaae3428063c5f3abf196c54cf24
b0d0ac3a79e82819b13b54683f227018039d1b556844941c9c1977edc727bb67
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b140edd9475f4cf77a5fdb007454eb19d9d3108c86a753ceae23e27b6636de46
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1540f629c2690241cdde93d69d8ae2a90f77fb77d48b131347765353332a141
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b728be4236f37f7a222ecb1638a2c1c4d58db7cd8316887b58e3115f72c34631
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bea736fdf67f11518157bcd25ec3e1a259595eac44ec75697573149917fff25a
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c618d0210f46e9b9c6decff2ab712bf2f64546b3ac7d25e59996d3106d7adc32
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c9ccb235bb3681d17386e66f151e28710f894e7cc00cfc1a4e875db00593bc2e
cb26b3bb02c92e7c63d0e4f576fe6b2f05c21171edd687842bf2dca44696c1d9
cb65aa94491fe66f65043e26e930b062ff4cebc6774e35651e6ff5e5275275da
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd5f63742374c8c9949381a1ad1152a27853dcff513297e9c8e518f40ad6a644
cd6e099e45effde47e0b018eb99a0b0ba76ab1a5d6f1a819b94d77c066326c6e
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
ce203352527c632f8f014cd5f2ccbc766f995a92972e224d358d2d85e6cba9a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d7906662b215405ec58d6c746bcad04e264883d4b5dd3010410b2fd70952e2e0
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dab5b2ba74b0df2b7b550e8af229ee5db7f0b7112d6007ddbd7aabafbeb56a7e
dc452cefd38b0835dc5682afe0da9a4757b505789380f3a5e33023eb07050764
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e2e9a3863164fca5218ad723c8f4db3243018404a12ccbb935a5e872d582b505
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e45594ee19f5dee57734d3e58303f6234dd137cac40b8fe367b95049ab5f2f27
e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e6626207220a537d31b7562c60e66dd4776d6776c810a86bdd0460843617a024
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea6ac559653359c660f467797ae5765f522df04518e6a62a2028378c3e0c91ba
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ecd328825d970e565e679e4f25810ecf70a187dec158fe831ba6a413ada82c6e
ed2de0c4d5be176cb1ea2c413de3de6c9c47c5a4fc74030033c7e59846bf7cbe
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee29fecfaf331e93d4dd4ff92766eb874b8b966b7e3a1a099ad98afe8c96d3fc
ee6a6bcceedfd982bd4787ff0e02120a59956f71aa92d00bb420da6e14e611cd
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2f981cd0c42bb4a1b60734d0d38d3e0cbbc63252b92a7b93427c85d9fbbbfb9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f560420c907fc10b7d5c7373de6422f6f0a5961bb34b180c887eed3bbf1c1944
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad
fa7655097dccadd5a2a8bba69c6f25b8d1d61adcbf87206dfb7a80605df9ef77
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
ffc7509b7ef4b814bef8d9dc2338fb494a1ea272e17b55421408a433c8ce4a32