hd.yalla-shoot.io Open in urlscan Pro
2606:4700:3038::6815:ea8b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hd.yalla-shoot.io:2096/
Effective URL:
https://hd.yalla-shoot.io:2096/m/
Submission: On January 26 via api (January 26th 2022, 5:16:27 pm UTC) from IT — Scanned from IT

Summary HTTP 189 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 38 domains to perform 189 HTTP transactions. The main IP is 2606:4700:3038::6815:ea8b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hd.yalla-shoot.io. The Cisco Umbrella rank of the primary domain is 943794.
TLS certificate: Issued by E1 on January 22nd 2022. Valid for: 3 months.

This is the only time hd.yalla-shoot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	2606:4700:303... 2606:4700:3038::6815:ea8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
9	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:c67b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400f:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	96.46.186.58 96.46.186.58	7979 (SERVERS-COM) (SERVERS-COM)
2	2602:803:c001... 2602:803:c001::200:194	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
3 9	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	104.90.181.210 104.90.181.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
2 2	18.193.4.24 18.193.4.24	16509 (AMAZON-02) (AMAZON-02)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:219... 2600:9000:219c:4000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.7.205 51.89.7.205	() ()
189	44

38 2606:4700:3038::6815:ea8b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hd.yalla-shoot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:c67b (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400f:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (Philadelphia, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.58 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c001::200:194 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.90.181.210 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-181-210.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.4.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-4-24.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:4000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.205 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	yalla-shoot.io 1 redirects hd.yalla-shoot.io — Cisco Umbrella Rank: 943794	477 KB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	216 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	258 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	134 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	212 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	8 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	75 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	5 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	4 KB
4	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 123508 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 104453	26 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2366 mp.4dex.io — Cisco Umbrella Rank: 2499	24 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	881 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 876	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	56 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 467	3 KB
2	33across.com ssc.33across.com — Cisco Umbrella Rank: 1648	472 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7058	1 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1056	738 B
2	google.it adservice.google.it — Cisco Umbrella Rank: 44821	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 23756	115 KB
1	id5-sync.com id5-sync.com	539 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	23 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 707	438 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 745	710 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1255	463 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 17971	384 B
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1818	918 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459	121 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646	184 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1204	353 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 690	527 B
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5710	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
189	38

	Domain	Requested by
38	hd.yalla-shoot.io	1 redirects hd.yalla-shoot.io
19	s0.2mdn.net	hd.yalla-shoot.io s0.2mdn.net
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com hd.yalla-shoot.io c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com s0.2mdn.net
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	hd.yalla-shoot.io securepubads.g.doubleclick.net
6	fonts.googleapis.com	securepubads.g.doubleclick.net c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	1 redirects tpc.googlesyndication.com c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com hd.yalla-shoot.io
4	gum.criteo.com	2 redirects static.criteo.net
4	googleads.g.doubleclick.net	hd.yalla-shoot.io c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	2 redirects player.adtcdn.com googleads.g.doubleclick.net
3	mug.criteo.com
3	www.gstatic.com	c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
3	c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
2	ups.analytics.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	hd.yalla-shoot.io
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	www.googletagservices.com	c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
2	fastlane.rubiconproject.com	player.adtcdn.com
2	ssc.33across.com	player.adtcdn.com
2	pbjs.e-planning.net	1 redirects
2	onetag-sys.com	player.adtcdn.com
2	script.4dex.io	player.adtcdn.com script.4dex.io
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.it	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.adtcdn.com	hd.yalla-shoot.io
1	id5-sync.com	player.adtcdn.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	s.ad.smaato.net	1 redirects
1	match.adsrvr.org	c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	ads.betweendigital.com	player.adtcdn.com
1	hbopenbid.pubmatic.com	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	prebid.a-mo.net	player.adtcdn.com
1	mp.4dex.io	player.adtcdn.com
1	bidder.criteo.com	player.adtcdn.com
1	ap.lijit.com	player.adtcdn.com
1	player.adtelligent.com	player.adtcdn.com
1	player.aplhb.adipolo.com	player.adtcdn.com
1	www.googletagmanager.com	hd.yalla-shoot.io
189	49

This site contains links to these domains. Also see Links.

Domain
t.me
twitter.com

Subject Issuer	Validity	Valid
*.yalla-shoot.io E1	`2022-01-22` - `2022-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
player.aplhb.adipolo.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2021-12-12` - `2022-03-12`	3 months	crt.sh
player.adtelligent.com R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh
*.google.it GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.a-mo.net R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://hd.yalla-shoot.io:2096/m/
Frame ID: FD3512168C8917BBCA6D03E8335D8037
Requests: 90 HTTP requests in this frame

Frame: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8D5548BE8A6C700728C8B5614BCCA4BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4B21C2C349AD93C49BBA9D8F3B82349
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39979D7A16FB8AA41CFEC4000692C473
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032201141909000/amp4ads-v0.mjs
Frame ID: B05A84B98197E2B45329969C37DCD071
Requests: 16 HTTP requests in this frame

Frame: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0878A922EB6D2A855007BD02A433D91F
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7B6EDC0EB68583846ACC2EAC64557774
Requests: 8 HTTP requests in this frame

Frame: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 94178A6BF3114F62DCF5FE7FAB7AD28E
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Frame ID: 0BA5F4CF6718BA33E045DC04825E999C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhie8qPAATAB&v=APEucNXM3VhfU5GppJPsVeRn8Jram9FgzhRZjCrWCItSn7NswftdLAx_bXOWVnlG3gxyPnhlLJVwGUr8lwzi2NmlXZEVsLvOvAy6pa_XeTkCbm81c3pZbsMPaQ7qOawbrs6JI4Hsf96nudYavrkgcsZlSdK0uOecIwCve3NMOiL-c-r4ye1PVoU
Frame ID: ACD77EA0B4ADC5788A85AE09E3421D54
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C73CF55120339046D1DA05DC9BB9849
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6491F7013B2CA9F31A857247EA5FD4E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
Frame ID: AF87803E66FCD4F0F999B0345FC49DF0
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hd.yalla-shoot.io
Frame ID: 65191B0BFE68137EAFA95484F7D0AABE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Frame ID: BA6775163375176378FE65E1FA488079
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم بث مباشر جوال

Page URL History Show full URLs

https://hd.yalla-shoot.io:2096/ HTTP 301
https://hd.yalla-shoot.io:2096/m/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

189
Requests

93 %
HTTPS

53 %
IPv6

38
Domains

49
Subdomains

44
IPs

6
Countries

1777 kB
Transfer

3997 kB
Size

38
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/yallashootio

Search URL Search Domain Scan URL

URL: https://twitter.com/yallash35332369

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hd.yalla-shoot.io:2096/ HTTP 301
https://hd.yalla-shoot.io:2096/m/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://pbjs.e-planning.net/pbjs/1/2e43c/1/hd.yalla-shoot.io/ROS?rnd=0.9984057266044724&e=300x250_0%3A300x250%2C336x280%2B970x250_0%3A970x250&ur=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&pbv=6.7.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&e_pubcid=048ba1a6-72b5-4b81-bde2-011c371d88fb HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/hd.yalla-shoot.io/ROS?ct=1&r=pbjs&rnd=0.9984057266044724&e=300x250_0%3A300x250%2C336x280%2B970x250_0%3A970x250&ur=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&pbv=6.7.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&e_pubcid=048ba1a6-72b5-4b81-bde2-011c371d88fb

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1&C=1

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfGB4sxzvg-XP9vHV-3T2QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM6-ETBwyoSNL5LJ1oSMHAY&google_cver=1

Request Chain 148

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3ODk5NTY5OTc2NjE2NDYyNw%3D%3D

Request Chain 160

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cver=1&google_push=AYg5qPIYbwOcsu6mcCGxg6YDbNDdV3_dsgyYp69pXUCaxNVdlj2pVPsCpeAgpqXAnPcwv_s7hZPz1SewXDIy96Igw-npD_yiDRUC HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cver=1&google_push=AYg5qPIYbwOcsu6mcCGxg6YDbNDdV3_dsgyYp69pXUCaxNVdlj2pVPsCpeAgpqXAnPcwv_s7hZPz1SewXDIy96Igw-npD_yiDRUC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Uk01VFdaTWgxTmNMVTc1&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cver=1&google_push=AYg5qPIYbwOcsu6mcCGxg6YDbNDdV3_dsgyYp69pXUCaxNVdlj2pVPsCpeAgpqXAnPcwv_s7hZPz1SewXDIy96Igw-npD_yiDRUC

Request Chain 161

https://um.simpli.fi/gp_match?google_gid=CAESEGtgrspD_vO_Szd_My2KQs4&google_cver=1&google_push=AYg5qPIwO__sBbg_9ceTU-jqd6VMECqsKMdo5ddOdmOQFzsRnYLEl-HbDnMisCrAHeHy7xrpJRH71EaSpiAW7aom9_Pw_oI2shh_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEE220B193D044D59E9839ACB9C26CD4&google_push=AYg5qPIwO__sBbg_9ceTU-jqd6VMECqsKMdo5ddOdmOQFzsRnYLEl-HbDnMisCrAHeHy7xrpJRH71EaSpiAW7aom9_Pw_oI2shh_

Request Chain 163

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENDZzD_qoqqZM5XCeDT-J08&google_cver=1&google_push=AYg5qPJjc9y1Qa5nTc1V2TmGV2a0PC65UBdkxeV5AlSe9d5E2xtoxF9J5axWb-3Hv48X1YB4AZKVLDzGCKQV8lTdv8SJHHMJvMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJjc9y1Qa5nTc1V2TmGV2a0PC65UBdkxeV5AlSe9d5E2xtoxF9J5axWb-3Hv48X1YB4AZKVLDzGCKQV8lTdv8SJHHMJvMo

Request Chain 164

https://onetag-sys.com/sync/i,19/?google_gid=CAESEJmAmcc7hfHQGNctTatwF1o&google_cver=1&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc

Request Chain 165

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJKR49cG1CAcJa8bxwQZKjk&google_cver=1&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuHayocWNKQdOm4KR_K3ptApwAiF6 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJKR49cG1CAcJa8bxwQZKjk&google_cver=1&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuHayocWNKQdOm4KR_K3ptApwAiF6&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM2JpVUk1RTJ1RlJTejNfMVlmVHVwSFgxUUFyUXVwOX5B&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuHayocWNKQdOm4KR_K3ptApwAiF6

Request Chain 189

https://gum.criteo.com/sid/json?origin=publishertag&domain=yalla-shoot.io&sn=ChromeSyncframe&so=0&topUrl=hd.yalla-shoot.io&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=PWr-TXxQRmJpbW0yQllyNHZPUG05UXRlYTBLTkYzTHYrWjJla2ZCUjhFdStwbE9WZTRPd1Q5RHdYRWY3T2x5OEppQ0EwazVrLzc1NHpRNTNpM0hVZzh5Z0E0Q2pTaGhqNWkxZzRLT242VHJJRkdDeE94bFR1TEhhYm13dlo4S1NXUkpUa0JIa1ZxbjNzOG8zTGQ2UDFGeWxVbzFIUHRQTnZ6UG85Qy9DTi9TNkcveG9aMTErdUVSZjI4dkFSREJqYWgrN3ZCMWNmV3o5Zzg0dlhCNVhNeEVLaVhlRHljRjV4aVRzdHI2eThOelB3c2Z6dVZodFp2MWgrbUh3YWJ3NHhyeGRZWlphd2RHK1RnVlg5Z2RmdXpsb3QrZz09fA&cppv=2

Request Chain 195

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&domain=hd.yalla-shoot.io&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XPd_-nxVdmV4L2J4M2hWYndwUWd4cEZtbmdUSXAvejd4RTN4cVF6dnhadXdzRUEwY0NjZFNHdGtBZEh5ZmtXM1IyNTRqTTZkR3oxSDR4QmtWY29JSWZBOG03YUxsczNQSEJqZk9IVFBoa045aEExS0pMZEI0QlZibndiSk5xL3hzVWRienZTWHlET094RG9NWEFZTytYWWtIblJTSU81MFQ0SkkzTDRmNlRIVzJjam9seG1NZCtLU2k3aEZyZ0VYZWt1RkowM2pRZ3dhbHRvK1ZDR0EyUUJ0eTBQc0haRVpwTFVtVHl4RmdnQ2hONEJmcy9FNUR3K2tHaU1vbzRYcHN0eWNJcWZqWTZjUlNLd2NxWnYzNTI0N09XWDlIV0pBeWp6N25qVVBIc0t3Tjdwbz18&cppv=2

189 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hd.yalla-shoot.io/m/
Redirect Chain

https://hd.yalla-shoot.io:2096/
https://hd.yalla-shoot.io:2096/m/

76 KB
17 KB

114ms
113ms

Document
text/html

2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27b3fa8c42db8c3444b12193a799733ead7c15cc76bc1f10e0c28d1261e6ebdf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Wed, 26 Jan 2022 17:16:15 GMT
content-type: text/html; charset=UTF-8
link: <https://hd.yalla-shoot.io:2096/wp-json/>; rel="https://api.w.org/" <https://hd.yalla-shoot.io:2096/wp-json/wp/v2/pages/8972>; rel="alternate"; type="application/json" <https://hd.yalla-shoot.io:2096/?p=8972>; rel=shortlink
x-fastcgi-cache: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWS52Y5XoxIQTq82I1%2FR1rN17JQgh7O0IjyrIMvALRtb0%2B1g%2F%2FNNzRPiyOq100WkpglNcC91wkQXjxgu%2FedB3QGcsC%2F3LvSyeIt1f2yG%2FCTvYycVyJPG709nhKETPpRRHbv1kdxL84hWOqPI5ol92nrKTjD8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3b63569d2568b0-BUD
content-encoding: gzip
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400

Redirect headers

date: Wed, 26 Jan 2022 17:16:15 GMT
content-type: text/html; charset=UTF-8
location: https://hd.yalla-shoot.io:2096/m/
x-redirect-by: WordPress
x-fastcgi-cache: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mJjIhrxd%2FRy8v7Ych56QYoYZyZVXiqiHpOzjRiDi1COSyCZlPTEUuOj6rFCAlZ6PFCee8k3nhUCQVLewlD5oTNwTsmt7mb44caQ%2Foh8%2BaeS%2BM8yKGMHBPmMjGDc9YC2fNiH%2BQdugbwEyg5WNyOjhKPLI9JT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3b6355fb0468b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400

GET
H2 200 logo.png
hd.yalla-shoot.io/wp-content/themes/YallaShoot1/img/ 4 KB
4 KB 80ms
80ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/img/logo.png
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:15 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
server: cloudflare
etag: "61d0a554-fff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmTmkncsjqksFpc8s1%2BH8nIwJeoiOAkZEZwD3c2v%2BCVVPp0joiYhnKFDWdI7dWXUiJqfBy1%2FJETohU5cA5PjYdOx8qJOK9IAbmqek%2Fvwxh5rfiLcDZ6mJDGDSeskanb6bLW4hCVlTSv7Lws8RXslk3Oi2WsI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63577fa068b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 4095

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
hd.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/ 56 KB
56 KB 106ms
106ms Font
font/woff 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://hd.yalla-shoot.io:2096/m/
Origin: https://hd.yalla-shoot.io:2096
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:15 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
server: cloudflare
etag: "61d0a554-e014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5WiAD2tWP%2F2qwfq%2FEAL02SXWtT6Xmc6Z%2BYPEe0BWJ0lrbv4H0czJjgG0Qvq%2BTkcJdQh54xmGz53vM96%2B5DSFK00yklLVFAv%2BBdJz0ZbC1Mi7F8i4yEEbY8WVz1WdElibBLItGLVkPAAeuqSCpRcyda%2BF%2F65"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63578fd368b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 57364

GET
H2 200 rocket-loader.min.js Show response
hd.yalla-shoot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 46ms
46ms Script
application/javascript 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.yalla-shoot.io:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
etag: W/"61e833a6-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPCIHdBLWVkJbW1kuKpOb6NHSbDO6MAhIba%2BI2wTcLErgEn8glax8w3AtrBQFOB4LOOgo7Ly5vY8eiVtnBrmGwuutkl4JH4ffS0TYkMjdZBQtOZu1CvVRY4%2ByqrCQDIA3KcQHpsfKBLdPAITEGIymVvTNhKq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3b6357982968b0-BUD
vary: Accept-Encoding
expires: Fri, 28 Jan 2022 17:16:15 GMT

GET
H2 200 lazyload.js Show response
hd.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 7 KB
3 KB 85ms
85ms Script
application/javascript 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/js/lazyload.js
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b49d4d31bafde40cecd2f1810924311d1c8e3809fbaaddc3a1578c3e18b34e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jan 2022 15:54:22 GMT
server: cloudflare
etag: W/"61d1caae-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsPcvN4NL0mZjV4rq0epJP%2F1GZh1fxXxbn1feLicArqzVt6dYOdx50oKBzK0Dxfog5GTnAqtdqKopE82FWUXDEEB2sOjOTQW7Cdcv9JuKQmRBrZgV10%2FBXc4TLt4mBjjM%2BXUYMPRVrunBQ%2FhQ0CJRhy6Vv0C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3b6357f90b68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 99ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef7fbfa9827578aadc731b39197ea9baec700b23ff8b86e342fe6f0a20c631fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35989
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 123ms
56ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

24c1ce8ed762946df71b690387fa50e61b7a3dca71410cdf12b6f4653ba8215f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27062
x-xss-protection: 0
server: sffe
etag: "1113 / 379 of 1000 / last-modified: 1643198680"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H2 200 hb_502684_12987.js Show response
player.adtcdn.com/prebidlink/456449/ 389 KB
114 KB 108ms
58ms Script
application/javascript 2606:4700:3032::ac43:c67b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194b01f9ae95deaaae709ec3f378f1788150516c5817d345c40a062f85dbbc6f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 24 Jan 2022 15:15:52 GMT
server: cloudflare
etag: W/"61eec2a8-6138c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IKU5uJEJ%2FjupwXmIYtIeUkDs3x4KUVDJ%2Fdoc2%2FhxeHXUWnorC%2FSDjMxznZtURVEsazQAsyKoodgCjrKpkbmfJ2uZoniY6FfLT0ngvvGpkHSE%2FK4KDHdLMDH0%2BlVPfo05BgA8dYsTNee55cbtUwwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6d3b6358ba2c3750-MXP
expires: Wed, 26 Jan 2022 17:22:27 GMT

GET
H2 200 wrapper_hb_502684_12987.js Show response
player.adtcdn.com/prebidlink/456449/ 1 KB
1 KB 94ms
45ms Script
application/javascript 2606:4700:3032::ac43:c67b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/456449/wrapper_hb_502684_12987.js
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541c9382e82511a802d3cee0a0ce1fdc85435aa5bc06aa6683f133cd870af2ce

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 24 Jan 2022 15:15:52 GMT
server: cloudflare
etag: W/"61eec2a8-421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToX5YF0n7LTTdEYfaJ%2FHLTzHVtfkNQWMVMD3aZ1MTQwzk%2BZnYoRlkeQh7MpWsayfkHE0A%2B8FK65PwKb%2BqnyrCe7wc7ddyyiWXvdhtSjjr5tUh9Bf045MDkKQe4tYzpBLRQ8mJSHSLekJg3bFn02RSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6d3b6358ba303750-MXP
expires: Wed, 26 Jan 2022 17:22:27 GMT

GET
H2 200 Untitled-6-copy-1.png
hd.yalla-shoot.io/wp-content/uploads/2021/10/ 22 KB
23 KB 111ms
110ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/10/Untitled-6-copy-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dbf68dde75062409daaf80bc1f5a18a0bfe82e0f3860fb3c9c1e67dd103c27d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 31 Oct 2021 21:44:24 GMT
server: cloudflare
etag: "617f0e38-58cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjRYgV25OB1n9ajUiBNWVTRrxn582eYWOie1TgvdXqUmRpJVizwdkgxROYR3C4f2%2BprILVKS9FRELVdT50ujphUsiAsKnvmC9OxUYnmZbgJRpmB1OBpWoxoevJzzb8F8Wa81DrymFKXo30UYA%2By%2BVkcMUwW9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589ae968b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 22733

GET
H2 200 880UCbaux4wc8GngA9SLw_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 10 KB
10 KB 82ms
81ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/880UCbaux4wc8GngA9SLw_96x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0336209db3d58512c01a8426dbb6970311966fdb25b7d18f0773115cc385b71c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 14 Jun 2021 01:44:41 GMT
server: cloudflare
etag: "60c6b489-269f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0RL1NUxIWj0CAJlAWX8HaI8mEOGFFu39svBu6C2d1pOMWzjG5iIE%2F6vMNHdlsCSnZIii3YHa9N4kk6tsVI6HcW3buM6Cc6GyNui8a2%2FUWDvkpw0k9Nfwvv7XY1guLaQqoq4inTP0EROFPnPKWdaBa8ectGp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589aeb68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 9887

GET
H2 200 MMwEkEl3UO9A2Ci3g50-FA_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 10 KB
10 KB 80ms
79ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/MMwEkEl3UO9A2Ci3g50-FA_96x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b062a3461b78c5b36d980f616f9445066c05cc0ed109f51ddf7afdc1b33e107d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Jun 2021 02:58:20 GMT
server: cloudflare
etag: "60c8174c-26cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BmytrgBJE6ezovERx5VHn4mSwF9I0f2dVmO%2B0Ieb1jyo7uT5iJBwSD3jVj9MZ1yoW5IbYDDpljepQ6XHyo9HWkEn%2FR5%2B0RluFs%2BxRtPOJaXBhpvH19b7GWsfcOa2uyQVl3Iz%2BsHCZYBo4RJwf48yyhEKhGP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589aec68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 9932

GET
H2 200 future.png
hd.yalla-shoot.io/wp-content/uploads/2021/10/ 18 KB
18 KB 110ms
108ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/10/future.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6af4b376ce6da5efbadb3c3d36be12e9d83bf6e92bdea4a82c4db206c3cdf9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Oct 2021 17:19:42 GMT
server: cloudflare
etag: "6176e72e-46ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvnxzjsWCPl2GPV3WTvLrP1Qnpo7aK63o2x%2BD7xaAxtva8pke6PQvGVq0ZRU5A6rp610EqzRbF1j7KjWOzXEdSV2xOpel%2FhWBakQAoy97Adw6xOb%2Fuiaa%2B33x5u4g2fettmXSB658kcK59nYKXCrkrXlrRYu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589aed68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 18122

GET
H2 200 Untitled-1-copy-2.png
hd.yalla-shoot.io/wp-content/uploads/2021/07/ 12 KB
13 KB 81ms
79ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/Untitled-1-copy-2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75cd07e4ec769b92c8cc9c7f8d53fdc71e3a4171c8f085bea89151ea74e478fc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Jul 2021 05:10:09 GMT
server: cloudflare
etag: "60f8fdb1-316b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaVXBP5KEtRuri3QuvdYK2idXQvTchZriDVy5v4To5CmA%2FnPw1S1sMVZqzm5iXfY5qj%2FXOQ21nJ4KrIbGX62C9kMUySgfU7cyGJJuAf8jtM3yTgtyNT005N%2BtPYOiGvj2utkGsw0KB%2F2FRC%2FEoYvxS3%2BfMjt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589af068b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 12651

GET
H2 200 lYah1Uqw37XdicC6C4HNqg_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 3 KB
3 KB 89ms
87ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2cbe5826edd81dcac7bfb1cb1027304e1211984a5d983526e9666ab686ed676

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Jun 2021 02:34:40 GMT
server: cloudflare
etag: "60c17a40-ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vBvkv9L%2B%2FiL97Ps7KSfnLuhDCdLnk6OOgpa0GsChn5QRD9AMBh0Z8CYpAF4ntuuKs799sP6z3V1%2FaIjj%2BuK08Mr4R3XCrZ2JWJh21dRTL5cwZhAUXzpUmjFDQkiD7fGy8hcugGBWt5aS2PJ6n%2Bdv%2BvlMpsb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589af268b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 2752

GET
H2 200 zZzKmdy0FsJ159f9r0vxrA_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 2 KB
2 KB 82ms
80ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb0abeb989026d763ba5d4b83848a5ec14f6dc894bb1e25c7104b26d2a2bb4e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 14 Jun 2021 01:57:25 GMT
server: cloudflare
etag: "60c6b785-78d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UBkuOL%2FAjUxtWUm5iuGvDAHz9sm8sJeetzgMhfE8EzuUarq0BwbdpVmEBVb5Cwv7MevkrX7eo3NtdhiDQN34kwy9pDWnaLqFgMtxWEyZb2Un9oHPuurMwSvrDyUadXoUMtkJ8Ub6o3o9Ww5QUIkct6%2B%2FoEm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589af668b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 1933

GET
H2 200 MgTgO44PlRIyAdPRGCPG0Q_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/11/ 3 KB
4 KB 76ms
75ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/11/MgTgO44PlRIyAdPRGCPG0Q_96x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e40e7ca1e1a265b84be5a480ea43c64f8d8fc0281eca4c37378a2381587cbbd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 12 Nov 2021 01:10:42 GMT
server: cloudflare
etag: "618dbf12-ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXPdMljm0hrTVbCouJpC%2F5UzAO6ARwdN6pW7wbE0PABaAgKMB61sRacEcn60LuZ48wY8pQaLajaua0jdEinDFY3RCJt7%2BlGv6BWx%2BrzpVRNHm521mNctNg2jqeeb%2BKN4Cp%2FffNFPg%2FAMAAbK5dx%2F5En7F9rz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589af768b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 3301

GET
H2 200 Ivory-Coast-Vs-Egypt-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 13 KB
14 KB 77ms
76ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Ivory-Coast-Vs-Egypt-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a46c9e032c450ce9f638c704912d3d4c62c808d5ba9e2ea9829e1712369d6d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Jan 2022 08:46:11 GMT
server: cloudflare
etag: "61f10a53-359b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1A5DKfvwd%2BG0s9iD5YNOaXPx8fXxBDuPopMuf4jR6B1P%2FRt%2FumkBjnU63RQcXPd9cWcIXMKCZZ4KBpmDo4e98xc81fkpgZZ8gBVjR7AtIlkYEodgMLLmzs%2BLmbFB4NYmaAWgH36%2FswHvM5Q3WwdYLPMbUCn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63589afa68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13723

GET
H2 200 El-Masry-Vs-Future-Fc-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
15 KB 104ms
102ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/El-Masry-Vs-Future-Fc-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ddbc20b9ec532b532ee97db36a911d34c785ec80818c05499bcb0779ea8c70

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Jan 2022 12:32:56 GMT
server: cloudflare
etag: "61f13f78-3924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJerSFHGT3yZZdk8uY2OyCkiBkCKlGlnKTPvauPSNyLVwDOgEVRcRz9tnkRli12XnGl0WB7R4VOGpIdorkR2EhSSs2f%2FNj8OuUlnC290EILgQfiq%2BkG4ftXWZUVRSu%2Fygs3nM7JS%2B23So2EqwwRGW39GJnkH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358aafc68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 14628

GET
H2 200 Eastern-Sc-Vs-Pyramids-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
15 KB 226ms
224ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Eastern-Sc-Vs-Pyramids-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9833a41bc2778c388d9cf678b416bdd6ac5d1a1414872aeae2b6d061c02540ba

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Jan 2022 12:06:20 GMT
server: cloudflare
etag: "61f1393c-37eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkVULUGf4IQjSX%2FkkfThK7bTnywEeZimLl9vf2COCQJqbcHKOlmv736bhu6zfyAablX9vJ%2BjgWNTv3mBa3Tpp3zcldsm8srdJjuSk9z5Q1XYxx6sN9pN%2FM0l2PPmi2%2FPlqBnIgPOSOdOg6mCKpW%2BL4wwQaXm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358ebb668b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 14315

GET
H2 200 Morocco-Vs-Malawi-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 13 KB
14 KB 225ms
224ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Morocco-Vs-Malawi-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ac8d794422508d410f4a4b61b3ecdaa9d3fcaaddf6ea364a8afc1656bda3ea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Jan 2022 11:41:52 GMT
server: cloudflare
etag: "61efe200-34ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNZtD8Xi0erjgVhHV4LtJcH9%2FyPkVdO2Sm86xukzectcwxkdawBq6T54YNGm%2FjcH2lwSzqydo9ZWAW4b%2BxBdRrORBIRSd%2F%2FhqAWFjvtglCJyCvlW9mMYAhuZXe10UAya1W0XNXsqAT1rJI69nYciH3b2%2FoLP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358ebb968b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13551

GET
H2 200 Senegal-Vs-Cape-Verde-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
14 KB 226ms
224ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Senegal-Vs-Cape-Verde-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e0a292981433f2859535186d022a43a97e8cdff0b8668762e5f758168039c5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Jan 2022 11:35:54 GMT
server: cloudflare
etag: "61efe09a-366c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mQVt3TYIZOtMt%2FCnj9RyB%2FhSqcaZB2WET2cUahqzo0mpHPZj%2F8jA8TdflK%2BTOp%2BITZ773OQlfbXvuwpDhyz3WSguKWJj99WE09BpTGQyBV4spmFbgeQewZTbH%2FEix2YtVMRQRKtGtgD%2F586b%2F7K0tQT4SS3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358ebbd68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13932

GET
H2 200 Cameroon-Vs-Comoros-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
14 KB 200ms
198ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Cameroon-Vs-Comoros-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90555659036430523c6ed0c359d2d148e28842f463faf55b99d26c005d60f7e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 24 Jan 2022 07:33:47 GMT
server: cloudflare
etag: "61ee565b-3607"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVm0GXwWFPwvrfedpdskdNKXEnhpixhyKrnDXDj7x1z0W0vIQnaAL3MY%2F7So3l%2BumyPmGGrIAsw4kwkW2F%2BK57hSrPxBbKss%2B9P%2BN%2BE2mrDRi%2Fr0Ko3NurVTaqXJ2mKRqAXcUwarbfNIvAX7XqNZgnHY%2B48q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358ebbe68b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13831

GET
H2 200 Guinea-Vs-Gambia-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 13 KB
14 KB 225ms
223ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Guinea-Vs-Gambia-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b535af2067fb4b3fcf9b1586167b9fbea52341373e1605ddbadc5cf40d92beb3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 24 Jan 2022 07:26:17 GMT
server: cloudflare
etag: "61ee5499-3537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlX6uhRXkXIbfVDulT42XJ01exGSi%2FxXtlLD%2F7cPu0jYRofhwFJN2%2FlFCikJw10bzGlacmHJrueYHWKX41idwHjh8IiNAIp9DoVOLn%2FgKvINecBcRRxFuQJVkpT7NK4qBo4Zho3VvbnQXzpi4%2BOyEU3EFYn0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358ebc168b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13623

GET
H2 200 Alaves-Vs-Barcelona-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
14 KB 199ms
198ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Alaves-Vs-Barcelona-300x157.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d00e7256a2f53ef06f12183cb58bf4d931d24de331ba5b653acba99865bf295

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 23 Jan 2022 05:54:21 GMT
server: cloudflare
etag: "61eced8d-382b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmWOBRN7Rsr21WR4mJHiA7wt6NUiq0PbdYi0GtKVaGi62oPsoxFbWIH97eP4qzzb2hkSm4wSUCwN5o%2Bi4%2F1Oq5h9QSKuRTb%2FgCfiiSdCohpNCQIyj4yTWaPOn7o9wPlPGHYFw9%2BUfnrZ43X9iKrEGTGb00%2B0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b6358ebc468b0-BUD
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 14379

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 100ms
30ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6082
date: Wed, 26 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 26 Jan 2022 17:34:54 GMT

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 74ms
37ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Jan 2023 17:04:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 164 B
137 B 77ms
40ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hd.yalla-shoot.io%3A2096

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

515f14392d6dcadbdce08291ae0ed2be4d4f8ba752743db26e04d5a2a678dca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 0
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H2 200 hbw_master_502684_12987.js Show response
player.aplhb.adipolo.com/prebidlink/456449/ 77 KB
25 KB 90ms
15ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/456449/hbw_master_502684_12987.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/wrapper_hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9f9c7203f7f8c93933e7f8259c8c50e99b8f1d0a2d1639569ca4692cbccef936

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 15:15:52 GMT
server: nginx
etag: W/"61eec2a8-1336c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 26 Jan 2022 18:16:16 GMT

GET
H3 200 MgTgO44PlRIyAdPRGCPG0Q_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/11/ 3 KB
4 KB 64ms
64ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/11/MgTgO44PlRIyAdPRGCPG0Q_96x96.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e40e7ca1e1a265b84be5a480ea43c64f8d8fc0281eca4c37378a2381587cbbd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 12 Nov 2021 01:10:42 GMT
server: cloudflare
etag: "618dbf12-ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzcKx5AAfolj1R7UWQ3HH5dtbU%2BvQvMEApz2SnsOWXyElzSD1dUegplP3nSgBr4otCserIwoshAMWQ7u%2Br10o7tttuTuAy3j4GZMV39TMLjOIeqej7bmn%2FRYvTi5GqjY%2BuKwySXi6T%2FellNuVWSTcoY0RqQt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b117427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 3301

GET
H3 200 Ivory-Coast-Vs-Egypt-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 13 KB
14 KB 101ms
100ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Ivory-Coast-Vs-Egypt-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a46c9e032c450ce9f638c704912d3d4c62c808d5ba9e2ea9829e1712369d6d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Jan 2022 08:46:11 GMT
server: cloudflare
etag: "61f10a53-359b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiN9oe5aMY5Jj%2F%2BtWGrizPG%2BFRsU8arr8FnAPMEViKwtlydAv8RZYb0W2M4zwyghdoh4zhHjJdY8ldZMVlpZJ1gSTGn5Q40dlwZUa%2FaRg%2FetHz87Z0klcR7RsjMh4gUWaiC9bT%2F7M8xoVGlBrXnu781JyMk7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b157427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13723

GET
H3 200 MMwEkEl3UO9A2Ci3g50-FA_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 10 KB
10 KB 64ms
64ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/MMwEkEl3UO9A2Ci3g50-FA_96x96.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b062a3461b78c5b36d980f616f9445066c05cc0ed109f51ddf7afdc1b33e107d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Jun 2021 02:58:20 GMT
server: cloudflare
etag: "60c8174c-26cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eItxS6rDWe2W0UHVEIK7%2FTpoSLSSMohBWz055J3y5Sx1MXVb0nRO8sqsEBIMDQJUkgNvskWGsu7MustSexaAc9gbYTKyn3OJQJoazcaknFf5eHTpk2nc%2FZY0V1itN8RR1pJu7JuuU3MkAOhE9omS5RIjzebi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b167427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 9932

GET
H3 200 Untitled-1-copy-2.png
hd.yalla-shoot.io/wp-content/uploads/2021/07/ 12 KB
13 KB 137ms
136ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/Untitled-1-copy-2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75cd07e4ec769b92c8cc9c7f8d53fdc71e3a4171c8f085bea89151ea74e478fc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Jul 2021 05:10:09 GMT
server: cloudflare
etag: "60f8fdb1-316b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ0BKUuKWkxIJtbA%2Bv9EWzdhYI6jfc8q%2BAg3DudPU6cN6lTjTUHYrsOZ6g5oYLcpEfpsdoSApRdslGxYMmAmN6xLkDYDGuKKEvd3gsDM5FL2pvccUl%2B1lYePjyEl9U8Azr%2FcDU6812EGOUBz2jah5EeJO2u3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b1d7427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 12651

GET
H3 200 880UCbaux4wc8GngA9SLw_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 10 KB
10 KB 124ms
124ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/880UCbaux4wc8GngA9SLw_96x96.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0336209db3d58512c01a8426dbb6970311966fdb25b7d18f0773115cc385b71c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 14 Jun 2021 01:44:41 GMT
server: cloudflare
etag: "60c6b489-269f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZSUu1F4YxlM5ScLk20QllQ1HG5fpHQKYhOVqhZnllmkx2yzcAOnX8kPWvMqi10JtExjBYzupDnKXPJK2ixzLN6fP8xYWW4tG%2BYpZK8yd2jj7RFspAl64IJKHKvMSyvVQX6rdjb4sEymBXWb22b%2BTRNUJIpL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b207427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 9887

GET
H3 200 zZzKmdy0FsJ159f9r0vxrA_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 2 KB
2 KB 138ms
137ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb0abeb989026d763ba5d4b83848a5ec14f6dc894bb1e25c7104b26d2a2bb4e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 14 Jun 2021 01:57:25 GMT
server: cloudflare
etag: "60c6b785-78d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3xn3wkjQ2pEnvmJKjzULW26a7v39PUFywcKERKhVK%2FwQKr2F6iyqQi6wcmFTAyktwOFPuoHjOAcWGqH2I%2Fhh3Ff1TNSsaF5GeIqVWyxItINsdWaZDAN8XXX%2BCiL9gXaMzSHLIOhlJkozdUUV5KFZjibJMpR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b247427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 1933

GET
H3 200 lYah1Uqw37XdicC6C4HNqg_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 3 KB
3 KB 135ms
134ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2cbe5826edd81dcac7bfb1cb1027304e1211984a5d983526e9666ab686ed676

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Jun 2021 02:34:40 GMT
server: cloudflare
etag: "60c17a40-ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l1z3ju0IqV29IeRinatbDTCaocGTePbuE13rE4cRbp9qAGkTeCZ7lAjXlvzLJpHza7FP8PdiXwRdLib8jLPOEmHwTvWDr3IWIz%2B3onFm7vCcFZa4GLtmVlocVb%2BgrKbCKXGllFdul8g7d5%2ByGZ7FXbaUWu2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63593b267427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 2752

GET
H3 200 El-Masry-Vs-Future-Fc-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
15 KB 83ms
83ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/El-Masry-Vs-Future-Fc-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ddbc20b9ec532b532ee97db36a911d34c785ec80818c05499bcb0779ea8c70

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Jan 2022 12:32:56 GMT
server: cloudflare
etag: "61f13f78-3924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGZNkNoRMsAxs1Fr96plmAQy%2B1j3jf6bx1HWu8pgqOe1Ij6vz9KXsqIjrkZPLXgfLs7IOjxBJOPP5cO6gdDdefdhCMdLzkXT0PDxj08wsiBQitShup0%2BYOoWNszZ%2FKgAsnDdYPoGoSIbdwHWEfFazyHTaT7H"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63594b437427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 14628

GET
H3 200 future.png
hd.yalla-shoot.io/wp-content/uploads/2021/10/ 18 KB
18 KB 124ms
124ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/10/future.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6af4b376ce6da5efbadb3c3d36be12e9d83bf6e92bdea4a82c4db206c3cdf9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Oct 2021 17:19:42 GMT
server: cloudflare
etag: "6176e72e-46ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X326LHOtfE3PjwfJmbpwCFcnAgSgOImxKdm6OPNTd7Y6ebAm5I4ScywBdqgC8L9DsSnlN4CcAlNyYvi%2FKEenS5HW11uAYLcImRW6HfKpVGHmvO2tktGHlkS17qQx3tRBcZ5GP47PbzHdC15%2FvSQcckzctKqw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63597bc97427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 18122

GET
H3 200 Untitled-6-copy-1.png
hd.yalla-shoot.io/wp-content/uploads/2021/10/ 22 KB
23 KB 125ms
125ms Image
image/png 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/10/Untitled-6-copy-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dbf68dde75062409daaf80bc1f5a18a0bfe82e0f3860fb3c9c1e67dd103c27d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 31 Oct 2021 21:44:24 GMT
server: cloudflare
etag: "617f0e38-58cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CANDpCz1OCCa9jqQtBSTbdCc9XnfQ0Nww7rZrFYjSi8dGydubGHjeQinav2qJLlKAjmN0ZCoZ0T1bvGxZfK4EMxfBOSy3Jh22HESKhEWZnXUDaDv7sXv2r1ou0qa8dvoFgKuajGLk3DF20dbEFHgn0UOXh4L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b63597bce7427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 22733

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 76ms
37ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1624831542&t=pageview&_s=1&dl=https%3A%2F%2Fhd.yalla-shoot.io%2Fm%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=582370733&gjid=2011044970&cid=1701048479.1643217376&tid=UA-107335079-1&_gid=506265747.1643217376&_r=1&gtm=2ou1o0&z=87310411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 139 B
397 B 533ms
85ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456449/hbw_master_502684_12987.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 8abd586c5fede8aef3de28a00e9883c399937299c29e70118f68e22560b4d60f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Date: Wed, 26 Jan 2022 17:16:16 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 139
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
426 B 532ms
84ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=502684&site_id=12987&full_page_url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&adid=vt766c.me&features=32&vpbv=N046&lifecycle_tte=734
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456449/hbw_master_502684_12987.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Date: Wed, 26 Jan 2022 17:16:16 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 9 KB
4 KB 71ms
15ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 80aa650d0d8be62ab6c698dd2fa15f8de784f08600d6422accd2f088c8012330

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 12:01:16 GMT
server: nginx
etag: W/"61f1380c-2221"
content-type: application/json
access-control-allow-origin: https://hd.yalla-shoot.io:2096
expires: Wed, 26 Jan 2022 18:16:16 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 Cameroon-Vs-Comoros-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
14 KB 69ms
68ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Cameroon-Vs-Comoros-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90555659036430523c6ed0c359d2d148e28842f463faf55b99d26c005d60f7e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 24 Jan 2022 07:33:47 GMT
server: cloudflare
etag: "61ee565b-3607"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRYMiY4u1RNDXQDy2mj0lKRatuRvWytX6yzLYT6r7WH8RahmhzfHKpkyiG2FiCACbZebEHgV5pYslGm11tgoN9qTsX3%2Bb%2F%2BCIn7X%2FCwMCEaR93gSKcT3DwtCGOEncWVYAnBatnLvvk%2BJOJHZu%2FxPR8nsHCzD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b635a0d4c7427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13831

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 146ms
37ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=hd.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 116ms
40ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
33 KB 442ms
441ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4201320581948922&correlator=2016120374989692&output=ldjh&impl=fifs&eid=31063247&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220126&iu_parts=21939239661%3A22405246745%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643217376327&lmt=1643217376&dlt=1643217375872&idt=421&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=4290626634&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1701048479.1643217376&ga_sid=1643217376&ga_hid=1624831542&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7c41f8179c722c44061385dd1a7cda93b1ea3fa7f171693ce593116a0cade692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33602
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 349ms
349ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4201320581948922&correlator=856993568487432&output=ldjh&impl=fifs&eid=31063247&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220126&iu_parts=7047%3A22405246745%2Cnativefeedapl&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643217376330&lmt=1643217376&dlt=1643217375872&idt=421&frm=20&biw=1600&bih=1200&oid=2&adxs=300&adys=2079&adks=794404389&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&vis=1&scr_x=0&scr_y=0&psz=1024x0&msz=1000x0&ga_vid=1701048479.1643217376&ga_sid=1643217376&ga_hid=1624831542&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7b29ed3a60f22726583c1360897bec4ed42c4fe0e0037d3e8d432fa9eb6d89a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11540
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 107ms
43ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d592a834521e5c7682460f2d9c0b7cd41cfdb0075c41f0d64f18b2f832a1852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8899
x-xss-protection: 0

GET
H2 200 container.html Show response
c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D55 6 KB
4 KB 169ms
59ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 26 Jan 2022 17:16:16 GMT
expires: Thu, 26 Jan 2023 17:16:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 36ms
35ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 18:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12969
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 Jan 2023 18:50:07 GMT

GET
H3 200 Alaves-Vs-Barcelona-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
15 KB 54ms
53ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Alaves-Vs-Barcelona-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d00e7256a2f53ef06f12183cb58bf4d931d24de331ba5b653acba99865bf295

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 23 Jan 2022 05:54:21 GMT
server: cloudflare
etag: "61eced8d-382b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNIlm8uIRhIoP%2BaxneGaqPnOOpnURbK0SeUOFuWPKsQWq5mfyOi4cAis62we7gvPf7sAQkH%2F%2FGT3tcasJQ4w%2FZb1YcWoeWBO9QSYCepg8wmzoUiv1p%2FtMN82%2FmPdC20BAcLYeCKfoSobKm6mtX78aIcK8fcz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b635a3db07427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 14379

GET
H3 200 Guinea-Vs-Gambia-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 13 KB
14 KB 71ms
71ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Guinea-Vs-Gambia-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b535af2067fb4b3fcf9b1586167b9fbea52341373e1605ddbadc5cf40d92beb3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 24 Jan 2022 07:26:17 GMT
server: cloudflare
etag: "61ee5499-3537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwZZUeH8QL9B8BPRc09HQN3DOPs3Dfmp0ICC8FIUqfRc34zm8ZlSGdOudYqsPm0Y2ECYjm0FiDB2ucWXQMWpkacf2gdrSHK82m0E%2Bn9naxnwuzCwEqNNI1X5mEeFcSpbs%2F81O62oscY%2FJ0uJr2KSySCusjZX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b635a5dcb7427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13623

GET
H3 200 Eastern-Sc-Vs-Pyramids-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
15 KB 57ms
57ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Eastern-Sc-Vs-Pyramids-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9833a41bc2778c388d9cf678b416bdd6ac5d1a1414872aeae2b6d061c02540ba

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Jan 2022 12:06:20 GMT
server: cloudflare
etag: "61f1393c-37eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyTaF4mAhuy3Bk1taz7MBidc52BCiWavxAVkuSfg1MQT42qcCN8r3q3cc8E%2B5dUEtVWt8ph7aR1N1xzJwtR5Tmd%2B%2FwGP9jTwIpCo9gmU9xHGtNUBFlQZxXUit5nuoyaJQLcx5HBMS0rJGFg6EVR9sui9gxx%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b635a5dd27427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 14315

GET
H3 200 Senegal-Vs-Cape-Verde-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 14 KB
14 KB 63ms
63ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Senegal-Vs-Cape-Verde-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e0a292981433f2859535186d022a43a97e8cdff0b8668762e5f758168039c5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Jan 2022 11:35:54 GMT
server: cloudflare
etag: "61efe09a-366c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB3%2Fh2YOZaPc0l%2BOq6F3Qm1aNsq%2B%2FCIxnc91EbZrJfJYX9n%2BLdbH893nYOjT0I5vF2Z%2BX46rDGFJapn%2BW8zsdLMysKdktCmBuNeKKT%2FB7VXL20RZD6mqzAisRoaLBYlhjmJxxl9rSLFz6kNs9Cvwncd%2FDpCG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b635a5dd47427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13932

GET
H3 200 Morocco-Vs-Malawi-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/01/ 13 KB
14 KB 53ms
53ms Image
image/jpeg 2606:4700:3038::6815:ea8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/01/Morocco-Vs-Malawi-300x157.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ac8d794422508d410f4a4b61b3ecdaa9d3fcaaddf6ea364a8afc1656bda3ea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Jan 2022 11:41:52 GMT
server: cloudflare
etag: "61efe200-34ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVnXqSfyVdUcF%2B7qbn1ufjqo9qDK4Dp%2Fs%2F1LbDlsnmI1e1W4qNQrBQ0OVw9EwuUm%2FgkiamVPC%2B%2FxotHUUq3FS4qI1sRgIaoi5Cu%2FpCkc56asV0%2Fv3%2Fre1qzhF86HW33oY6%2Bymm%2FZxbrrTUCWU1O%2FfIUkvAh2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3b635a5dd67427-LHR
alt-svc: h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length: 13551

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 187ms
119ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4B2 13 KB
5 KB 69ms
25ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 17:13:53 GMT
expires: Thu, 26 Jan 2023 17:13:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3997 783 B
1 KB 115ms
38ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1459b0151945e97e8a163aab8cea597d14f4252d30e184ef6af82cb2ca62ea97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J0VN4ajiJigzVmPFdZZ0xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 26 Jan 2022 17:16:16 GMT
date: Wed, 26 Jan 2022 17:16:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-J0VN4ajiJigzVmPFdZZ0xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032201141909000/ Frame B05A 220 KB
61 KB 162ms
51ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3a5dcc2dcf4364d3af72694d52da570a64059f757acb3ba9e67e72a0c0e5cbd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61509
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c1d9800ee305113f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame B05A 16 KB
6 KB 282ms
170ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame B05A 96 KB
29 KB 248ms
137ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame B05A 5 KB
2 KB 280ms
169ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame B05A 42 KB
13 KB 285ms
174ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B05A 4 KB
1 KB 104ms
36ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 16:26:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 17:16:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B05A 4 KB
691 B 104ms
37ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 16:22:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 17:16:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8280094862124691567/ Frame B05A 59 KB
59 KB 29ms
28ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8280094862124691567/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qk9XBy8BGIODu9ijFkSO1jOFSvAOA

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d68f3a62f5fe7761d01b0a93ddf7fe08cffba689667b4ca717726e458f7f0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:56:10 GMT
x-content-type-options: nosniff
age: 102006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60514
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 11:11:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 12:56:10 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2159133789934531594/ Frame B05A 2 KB
2 KB 42ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2159133789934531594/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlsGYTkjHyYKwVJkxe847wZWTRC6w

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf481e4916b386cebc8e4e61cb7d9354a594404b7274af2c78807aca055b5293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 17:54:12 GMT
x-content-type-options: nosniff
age: 429724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2143
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 11:11:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Jan 2023 17:54:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B05A 0
0 78ms
78ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNXHu4IHxYamyF9aj7_UPypyrkA6YmNL5Z5eP6JmqD9zZHhABILnb8yZg_YKRhOgRoAGg6I74AsgBBqkCXr_Sva3tsj7gAgCoAwHIAwqqBP0BT9BJCaORkM5xyB16vYDIANMfqwbhtO_nzQktz6Ch7OpKrnigStRAvS4VMX-1BVBh-DYrmLKFcerv5VaCXAkPzAo3TwDjnsEhGWlunnUS1drMvBiO5bZ3ZLz-B1OSLVYWb7W5SUXMbXwTJFTURWof1OXQ2iO_IRY9CeKUWNu_YYCMY3HYbEGKwYFGjhc77CtqT7_7HOSevFvLT0fUpKGwLylwTVerSi1fjqPZU70mTAsHg-Xx0JrHJutVqLrEv-A1494lx1F3aEOlV6F3LKdBrkuSLQpco_iv2JNqZ5foeOvNOTdWAO5U4swrqp08odWUs5KBvfxjDJ63js-1gsAEhY-Wk4YC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB8iX8YcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQs50H0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMTUyMjk3MTk5Nzg2Njg0gAoDyAsB2BMKiBQC0BUBmBYBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAY5MMO&sigh=b_m75AIaTbs&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B05A 3 KB
3 KB 25ms
24ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 14:27:16 GMT
x-content-type-options: nosniff
server: cafe
age: 10140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Thu, 27 Jan 2022 14:27:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B05A 344 B
368 B 27ms
27ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 27 Jan 2022 16:59:05 GMT

GET
H3 200 vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js Show response
pagead2.googlesyndication.com/bg/ Frame C4B2 35 KB
13 KB 78ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 16:27:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3997 0
0 78ms
77ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=4201320581948922&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0878 6 KB
3 KB 63ms
29ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 17:16:16 GMT
expires: Thu, 26 Jan 2023 17:16:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
939 B 76ms
28ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8689
x-amz-request-id: txfd1c77a515734f94831ab-0061f15fee
x-amz-id-2: txfd1c77a515734f94831ab-0061f15fee
last-modified: Wed, 26 Jan 2022 14:43:29 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvr4cUnwh8wjdRLjqYAMCVPMCpLZAIzfu5R7X83OlmW9vQkTnDNGPM9FKwAGQBi4FT3BeBM3rJLjzkLPbmGX5cYjrMSH%2F%2FfjyvFMc79jnRQAw2dCENswK4Zx7azQgwfsg6jkR3omLlDO88d4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1643208209303360
cf-ray: 6d3b635d6c090f6e-MXP

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
527 B 106ms
33ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: fa5cdaf41d5ba61f449caf084c5849e905d9658acf4633d4a5f22fcf3e108fff

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 26 Jan 2022 17:16:16 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 693 B
1 KB 111ms
32ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

cd8a068ab0154eb7d7dd2e2c43f57105d735f378e62f538d98d3718eb0d754a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 26 Jan 2022 17:16:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 979c7279-9826-4fdd-b2aa-61e007a13b29
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
223 B 241ms
98ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=79991809972

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://hd.yalla-shoot.io:2096
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
511 B 155ms
107ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0464f8fc57e7c59164be773ffae1f0a1f780686cef1859b6d92022b7753e65a4

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6d3b635d88dcd618-MXP
pragma: no-cache
date: Wed, 26 Jan 2022 17:16:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
353 B 573ms
335ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hd.yalla-shoot.io:2096
date: Wed, 26 Jan 2022 17:16:16 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 220
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
184 B 106ms
36ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hd.yalla-shoot.io:2096
date: Wed, 26 Jan 2022 17:16:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
369 B 813ms
269ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/hd.yalla-shoot.io/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/hd.yalla-shoot.io/ROS?rnd=0.9984057266044724&e=300x250_0%3A300x250%2C336x280%2B970x250_0%3A970x250&ur=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&pbv=6....
https://pbjs.e-planning.net/hb/1/2e43c/1/hd.yalla-shoot.io/ROS?ct=1&r=pbjs&rnd=0.9984057266044724&e=300x250_0%3A300x250%2C336x280%2B970x250_0%3A970x250&ur=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm...

516 B
936 B

44ms
43ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/hd.yalla-shoot.io/ROS?ct=1&r=pbjs&rnd=0.9984057266044724&e=300x250_0%3A300x250%2C336x280%2B970x250_0%3A970x250&ur=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&pbv=6.7.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&e_pubcid=048ba1a6-72b5-4b81-bde2-011c371d88fb
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 36860c00071ba3f00a26abf06724779f0a85fba75cf6b113c338092ed4489fbe

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:17 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://hd.yalla-shoot.io:2096
expires: Wed, 26 Jan 2022 17:16:17 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 516
x-sid: AMS-739

Redirect headers

date: Wed, 26 Jan 2022 17:16:16 GMT
server: openresty
access-control-allow-origin: https://hd.yalla-shoot.io:2096
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/hd.yalla-shoot.io/ROS?ct=1&r=pbjs&rnd=0.9984057266044724&e=300x250_0%3A300x250%2C336x280%2B970x250_0%3A970x250&ur=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&pbv=6.7.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&e_pubcid=048ba1a6-72b5-4b81-bde2-011c371d88fb
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-739

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 562ms
181ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hd.yalla-shoot.io:2096
date: Wed, 26 Jan 2022 17:16:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 60 B
143 B 194ms
131ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 84f2fe35a016beb75985dd5b72bfc1139f9d827952824fa74f35d246bfafa518

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 60 B
329 B 174ms
112ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 84f2fe35a016beb75985dd5b72bfc1139f9d827952824fa74f35d246bfafa518

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
918 B 462ms
117ms XHR
application/json 96.46.186.58
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.58 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
369 B 807ms
270ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 813ms
280ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=16&eid_pubcid.org=048ba1a6-72b5-4b81-bde2-011c371d88fb%5E1&rf=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=12b3b9b6-ee20-458b-b4b2-b8a636d9207a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36545859971257877
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 16e75a838eaa0dd5afe697cd7023dcdd2de2b90d04d94290b412c47684e19a84

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:17 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 846ms
301ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&eid_pubcid.org=048ba1a6-72b5-4b81-bde2-011c371d88fb%5E1&rf=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=3b390880-7d60-4690-9167-1bd8a5d5182e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14663627785823152
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bd01cc5aa69bcca76ed1d74ff8716082632a2fbd8506fc0585bdc5945506b79f

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:17 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
384 B 87ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=12b3b9b6-ee20-458b-b4b2-b8a636d9207a%2C3b390880-7d60-4690-9167-1bd8a5d5182e&nocache=1643217376839&pubcid=048ba1a6-72b5-4b81-bde2-011c371d88fb&aus=336x280%2C300x250%7C970x250&divids=gpt-passback121222%2Cgpt-passback121&aucs=%2C&auid=541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 45af4150622cbb559079064e1992d7d86edeb03cbecd8ea2b13422d222e6faeb

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B05A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15ea6d29f07fcbf3187bb06097842c86d4a76b9c6266537783f7a5ccb5d1d419

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B05A 16 KB
16 KB 96ms
33ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hd.yalla-shoot.io:2096
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 98056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 14:02:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B05A 15 KB
15 KB 100ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hd.yalla-shoot.io:2096
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 444988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 21 Jan 2023 13:39:48 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 0878 4 KB
634 B 85ms
40ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 16:22:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 17:16:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7B6E 8 KB
888 B 79ms
44ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 16:29:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 17:16:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 17:16:16 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 7B6E 1 KB
875 B 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 17:14:21 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 7B6E 19 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 17:04:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 7B6E 2 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 17:00:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B6E 122 KB
38 KB 181ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 17:16:17 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 7B6E 15 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:55:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7B6E 0
0 79ms
37ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4xddksY6O6YabBobocnoXu4hMI1O5z99qHmj3cuiYxeDzKqA1eOhI_UkPtu_jbj7BY87JlzyS7MK9yTnfhc5TPnHuuQ
Requested by: Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 7B6E 27 KB
12 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 00:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 01:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Apr 2022 00:35:42 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 0878 18 KB
8 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11153116566150069083
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:28:30 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0878 205 B
520 B 116ms
42ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 20:41:08 GMT
x-content-type-options: nosniff
age: 246908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 23 Jan 2023 20:41:08 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0878 604 B
696 B 116ms
43ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:25:06 GMT
x-content-type-options: nosniff
age: 168670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 24 Jan 2023 18:25:06 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 75ms
40ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8685
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe96b851b58d94d259ac5d-0061f15fef
x-amz-id-2: txe96b851b58d94d259ac5d-0061f15fef
last-modified: Wed, 26 Jan 2022 14:43:28 GMT
server: cloudflare
etag: W/"88567a823cfd2840dd0a3198b929d466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfUv2YdAwSSbB30LZwSj6MJbJiNpmgr1awPvTX0sgGLTSq7wu8PjNKrxLBd%2FpFks3%2BIxywpkd4ZAvyxTYszIBDORoXmjNRn%2BhmSflX0vBdLnwV4ss2661EkNEQRaJ2dG%2FGpzU1VNrbzKUW5X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1643208208262354
cf-ray: 6d3b635dff9659e9-MXP
access-control-allow-headers: Authorization

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4B2 0
9 B 27ms
27ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JzZzkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B05A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

144ms
85ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Wed, 26 Jan 2022 17:16:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=4201320581948922&bg=!k5ClkNTNAAZ_DxPPfw87ACkAdvg8WkQlihoseb0Eo_t7ZVzoun6ewq6t3cn8UDJdc1EykLtaQnV0SQIAAACyUgAAAAZoAQcKAF4ODcni1-iAdSWBzDYoqEwNLJE68wtye79CAhJpSjX5Lz3gcrKbr3lZREtFnulhjS4SYGJPofill-e9p7wmEoHzi-nK_IbHpxpecgIlrnRgO8iME31iftYuUZ7xdFXwmQLXKp_kkHG5WjiqtQwuCwXG3qS-10cwACnuH2-IwimtL0HW9rk1uwXriZ81XSpfIuCji-25Dw0hXSe5Gcw6JCU3WRb4JthmdymOS5b2VE5CTUNSFDicx-cBOix93_Cu67jHl_72vgSVYhU57Ht-LkM7_r6xVQ3pjQT40yH7Z_uZWfKO_0Axco7XMF0tK9a78Okzst3J0WK7_qxKZQGm1B48zKVNuFi9d0yoBG0PhRWEG8KVKCMVKrCTI1uGC5gjijuVeCgC_W6BTlYcADrAhP_lEvY1ULt3olRKnW4oOc0PzK7HLXRAU-PaUWiLLBEvtRFkmaaakX-FW_AyZFrBKwFWCoLqLDz_N3BhEXWZHYAYGSWk8nwFvYEDhwia-gqibOinuudkbDhMgWqylF0cDjopvSqBu5qpjcBaC-k-dRJcgaB-_TWNdQvXhdu8FUDny4my1bc4Yl95x8YJ2NEx0iINxArMqw3p9S5iCz9R4y9tYSERYATuzo9R2EHJ_q4d5Gctjy9QYGrsUBAS0kI3CEiUyGyxqsIA3eRrvHMa_opZFWlO-zvonGwaYK6OZfYj3gFpYPEMbNn7a12I0Pn1BbT5b7V5lVfQElY7z_z3-TA3VCQhPBdGaBRSyTODuHVmROnOi31U6NzBnE0-acwYFvfAyok6lAZsQ4TYbv7Z8lingkRT7tuqi3p1zpWsMNiPpLEPwa53K9XWUVfFjg3Om7B5g8kRa6QTeHVMNOKFSXVLU1tffmzgI8NJpdbKVjrSOjkXDOPl1SuHUiN56MBWHBxzlH2vjVxiS8TCElBJ93LsEdIkWDvmeZBUS3iZu0_YrLvi_ucEKVlJLl8gzBCQGYqFbnA9Hqtn_R2_jbVmN47YPiLFoTewsU-vHvSHtJV57FQ7tMybWeZ4oGmv3m5v_nTt_ohukDRj4r-khlF9J3TLTpBvfFOnSQiklq0e6o_oOrp2XWLkXqvWYA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 73ms
39ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=hd.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 69ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
23 KB 869ms
869ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4201320581948922&correlator=2237647326232429&output=ldjh&impl=fifs&eid=31063247&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220126&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Ccube2%2Cresponsivetag&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=336x280%7C300x250%2C970x250&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3D78ee1c1dc142518a-223eeaa72bcd00b4%3AT%3D1643217376%3AS%3DALNI_MaDUHEHBw5zAuMFcW7OSeX0ckZFbg&bc=31&abxe=1&dt=1643217377692&lmt=1643217377&dlt=1643217375872&idt=421&frm=20&biw=1600&bih=1200&oid=2&adxs=632%2C315&adys=110%2C789&adks=558348788%2C1449004331&ucis=3%7C4&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&vis=1&scr_x=0&scr_y=0&psz=1000x0%7C1000x0&msz=1000x0%7C1000x0&ga_vid=1701048479.1643217376&ga_sid=1643217376&ga_hid=1624831542&ga_fc=true&fws=0%2C4&ohw=0%2C1000&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

807b6c40007b4052ab69b87b6fc5857941f89ed09ad30771f4226cef3b2c4c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23345
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
213 B 91ms
91ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456449/hbw_master_502684_12987.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Date: Wed, 26 Jan 2022 17:16:17 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3 200 container.html Show response
c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9417 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 17:16:16 GMT
expires: Thu, 26 Jan 2023 17:16:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022111152338000/ Frame 0BA5 190 KB
54 KB 171ms
56ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55512
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "211febc96caa9486"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:34 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 0BA5 13 KB
5 KB 236ms
122ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:34 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 0BA5 89 KB
28 KB 258ms
144ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:34 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 0BA5 5 KB
2 KB 168ms
54ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:34 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 0BA5 40 KB
13 KB 242ms
128ms Script
text/javascript 2a00:1450:400f:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 66644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0BA5 6 KB
669 B 43ms
42ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 16:34:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 17:16:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 17:16:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0BA5 4 KB
618 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:07:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 17:16:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 17:16:18 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0BA5 3 KB
3 KB 27ms
27ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 14:27:16 GMT
x-content-type-options: nosniff
server: cafe
age: 10142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Thu, 27 Jan 2022 14:27:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0BA5 344 B
370 B 26ms
26ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 27 Jan 2022 16:59:05 GMT

GET
H2 200 15574646537271617232
s0.2mdn.net/simgad/ Frame 0BA5 43 KB
44 KB 189ms
107ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15574646537271617232

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2f88f95fa1db8839c5e012d0587eb78a481f5a998f15563dc03b28557f4e290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 06:45:24 GMT
x-content-type-options: nosniff
age: 37854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44498
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 18:44:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Jan 2023 06:45:24 GMT

GET
H2 200 10195238565260677603
s0.2mdn.net/simgad/ Frame 0BA5 2 KB
2 KB 110ms
29ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10195238565260677603

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcb6d9a56ed2444951a14d905cbfbab8bc5d1449702fab41d4afd70398dbc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 09:39:21 GMT
x-content-type-options: nosniff
age: 27417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1976
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 18:44:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Jan 2023 09:39:21 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 0BA5 42 B
63 B 91ms
51ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcT0x6SJXcgkdY-0vPYO21rrmuySTCi6MLliIql4HxnNoCNQpmS3Trlk8Gfg842KpaAs9lRKHdw5JcDEbpFD-7vr8peipMM1oBLne2f2M5AXl2NRcC26RGx1x5Dm4D7lqU8srZ8sNcffGNr3-zFl6tE_a4Sg&dbm_d=AKAmf-ACvmS27o7eCkVH8dtDvh7vrnM4z_afeToB9mSfRB9O2KPLV0G75fyqxNlO_iVn5rdZV9AT7ZCBaS5Fcdf5jE5TJQMMvWI927LqIwypALQkFrnVsyxkr9nmiWxeStZewSGcwfBvHfvRugI-df44XcH_mjF_wofSBlBnGgBKx68zJ_uRUApOZEqmokt872-ZDi4qEYSPh696ulWHrDCuQD0__gW8NZwrM-uG7iveooo82usdEA8DScf1UyBQ8bTwgJjkGcoNYsngZh4AbFDZ2Z5jRxZS2PaYU_CYOpz_g22U5218UTDpHGTAtjzKX3tLszikT7OJdPaPemWrbyu7ymnrZDaej1turSx0qw7xLsSOmBDzCZExDLHcLDUqdst_NIbKXhEqxQ8kVSMsnOqD5bG0k6pBlbvNAHXj_1o_cPD1t13gBwTTMKndT-GPK-rGB0G0-7P6rthGzNLMPXv8jofSc69bkSNjNdSQWfKEuxRAHDjzpY_s4J-VgTeKbFyn00z44RI0D53qH1CaEPuTIz8i0M8x7-nY4pzMdp52bUw_IukNzuQuKlVUJc5FDBIPjVOju1SNdqpW_EkfoIMT94rUk6k_ZZjhkN2KB-sePhBzxEifDfhn7EssWJBrr7PGiYePDNaIYpVaSEjQZEBrdJ_MaUl_cEzZFsyvgiOkUbLHQPYUqCOTGMpRfgAWW0WD1Pp_-gO2N8SPNYg9ZxpeZPhysS_iyqlWrLDbcZbOWQ1wT1jGOo0DK2yHD2GPafI7naPp_pyUoWlwTZhDfz5TxR2Ew3H7TXmwGDxM_D8ut5gMbBFQb5Vf_taG3yapVjUjqihsAMUsTZzy4g30HtztR5bWzH_kJHDB6sL63RCy44RDIe0CJkaMn0B5hBxY5kBvSjUTIDn712-XugPwQfuZ1d3QkbPUsQq3ADza8qnIBz_yx4xVSesQO8lO5Z7SRmC41t1tqIXX6O0cDpuMyIfGEDPcktTclHqIwbMSxyOGKZb_yf4StZHPDtIQ3uNpcwx92-7rfRiOiXcPP2tsGA-AB5Wz4ZrckYu05AvjG_-Tj01-PnArXTcFfeIa73NsKa1LmCkmoprxIGoqXqTIwysESL8rl8EA5R5fiibAbHmc6h_mo5BfG0QaGQUhoS40s15i2dMdNSDvzaA-W925fLxHU-SGxex6O-h3ElVRg7YAvMGw8itLt9O50Yi0ZzuEQtrNgcm9ROeya7FbcmvoC7mNrnav6XrPCNJffK011SYtfepOorFfueLiupL-GLwIQyWthW9KTDTsHJGku0ZtJqD60bppVJMDBK15jmFx6kSCsJbqho0z6fA-5pA-Rk65zR8jy2Y6lY290c6tlUEkNJ4GwPmXosseXkQx20BjoudRfsR5RGVoKBJvzedXjZa-Jw7Ec34py-7Palw2hqXWuHZfz48WIu5eMG6Z_BW_lCaturuK5VioHa5mOYJd0wNkEQCIZI2DaJFanerIvoCF54agQBj1jMFLr6-_aAZELnhrzHtBwn6FscZ2clfJVqR2Nswfd3fwnYKXwrEq_ZZnlncwHzxYdzvqexiTEQaEfEBYGn0mmsZoEL0e13ZF2lPF_hR5hOe39_Ffm7T8TIwwkgvlb4o3lCDRmq2qJl1a0OK1PKQsQyEyQmVGQxXewD7VdThrZI23fUVej-D9hw1DQTqXkii3_wxEk6Cw0APRFR_DUdfwEFUGqs4QlKAzjt3EAO-jLbJhexFrmJ_9ogHMqgeCsxJOAOxW7eFIHx19TD2AA6JkwnNqqyN25ANp99jg1bDhmStb_9C0oWms_pPmmhKfZCkRtYgt5sYZpw1zQQxowa1a7ChFVNexYAr5Yr8L_sJEk1G5CtYorDYIzns2P7Wpn6cSIdSOKPS0GFQIIhgnHlwaTY1MvKpggr9IZaVbEJm5ua5xmXXreTQZsxmn0Bz04MxlaUNX5TfxwjImXBrMBw-jhJQCRAhCXRKIONkjdCmJpnBbQBIFK9TlyR82PVNTIghgGUILrzvdHkGZGp7Xl4dxlsm_SYaXCK9YO_E5O5-gxkiMKVniRQQsDt2eyvVHhnbX7MimzuJLnPo1ISp59YgX3MoWDyFQsBXI6VurrD8gaGfGEaLmweaFbsauTjidGt0PDtmRPOtS83nwFx1b9pGb1kvf8Mv-BjHO1ML8xKEa4sHTsC_ie1I1xAPrvvgwVEsJe1-LwRt-IgJbRBdLYZ3mLRQauZno_dUB3NHMi7Ahc3ddG1rGtgxbAAVOYIrEarHJ_iFOkxa1wxW6Sqyp0loXFIgYGDtwrThIyo5Ub7RDEhLC3EHKqFI79j_1zaVqVGQWd3SzVbFMMc88wbE68GMonAqvfagdPts87gzLnstVlW5ULlodSY1PQYxiNkJyMylp74RWC8n3OG6uISW7ajSlX__9TS5p-IQ-rcF_hjCEz9kWzeOyX981kKyu7t7sKuCyAYLjDlUxoXkiVQp9VCABuN2B7uKoy5WtLQ4VZcHIQYyBDswT0Z-4BzEMqmLYSdDDF4OJVkb5pktyoVRH48hQeBhjnIN7p2wj3Tp27OfIsO3vBalXmVREWCom4F59ax5GPUNx4tcjXZQHpj9TXGajYbyGLznCL6SO2CvVwTv1ulTaCGlj2jhn6kKTc-9tDww7kVmd1HXzZijsyRB1yTL6LpnDhKSJJBXTXon4QUvlNPkgp2N38Aso5ii-PuyAu7qMguemnJBhJZ0MGpmMlmd__hH44YLsu5y3cRBjz3cwTOsk9MFCzBRlXwCDVkwbET2eT-wFT9pAjDOx3aYHmgzVPkycNxNJTdslS6pOk8jCU91Qqmg0EfvfSwnEr9dXq6cFu5hKw5zi39VYs4j_1dpjqyxT6owAC9MHN7wE7PN_MHhHO5kfZsiFEs08CmRfUYLAJFsLnRGW7BWdklgpYP_BCfe-cEhE844sUy4x541QTbMiX1LzjwvkMiToQxGwUi5agCXQGFe9WGTYIEwFAsvNKgzlO2eVR0BVz5RtF0_PhxQZnIX8cqkGv_aweZ-dxdE7_0v3iEniPCrDsetUGcWd8aZF2U5KhEvBZc5hmLv4JaVOgFg0KnrwmW9IB1Z5fYGouWVcAmafg3gqcxZZ_mzF9c1ZIzvhGL9Flz1Dkj8u9skqRs0ZiCrWjUNoKYQBE7yi-BljkWwVR1fip0vG2cEcEPq0t9CBwAWj5qTk0YKb08WKcGZFU5h6vj54QqKnqW2XOjaMggHYU54I-Znl0dM5Zd4x4r_WOpManY7S-Z2IFTzDf5nfSlYR5o8-5YurP4evY53xCPcKi3ROnUbmefKLDoGwSfnLNEejydrAajQ-PbuclnI4t7h5qVaPaaIpsvMC_ZG-NfBYhF7pqh0_1kuBktCbZsgzb9MuE9KCmhtTRWppt0UAny7hN88-DcxFvaF6_JOEY4R-NIDTwkWXHOJePvYe67EihDvUzK5Rso_ztM5Sec3Ua7LXooIMYpo7YyrA5T1HeSjxhVLbXcV7imMx0Lmc_kOHevQa9a1AD73vrMNEQyyg9UJM-WKajUhjP1vjd_VX3Q&cid=CAASEuRo3JF81cN-F4XSya2PxMoTNw&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0BA5 0
0 72ms
71ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5-Qu4YHxYa7sLYSE7_UPy76j4Aa6pfqCaJas-bmED8Xk4LjCGhABIKiyhXxglfqGgpgHoAG-34C5AsgBBqgDAaoE8gFP0Lci_wVgt0EiSRpVIBjvpiy85B9Pz8JEwx-cQFUaHi-mtXrQC9XN57g-oAnF-Ia_jLk4842R-AweQxkSGGQSV23LGpbbod9WRqocg4GFMhq7NUeCCpT7J2n0imZ74pkmkzkYcJly172NpAlPzEQcGW-iQWRA9DgTcR2UGOHjYH2rCfVGs6dV5yIMMSqa15hZGv9mgPpJ2FGtgaRC7PH3G-D_pdeoVHA0ARD8n7QmINo3Xmhwo9CGDx1WRSjRxYe-2E1BYUdDJwJ8CdRmlOBKE8V4UyiFD47_cdJaL2gt5NxKW6JNn6A9TEeOd4Ihkvfcu8AE5I2yroAE4AQDiAX4lsCTOJIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHqqD_xgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHChCO1RgYkJuavQHSCAkIgOGAEBABGB2ACgPICwGwE4DN2w3IE7qe094D0BMA2BMN2BQB0BUBgBcBshceChwIABIUcHViLTI5MzA4MDUxMDQ0MTgyMDQYppN2&sigh=Opzc_-RreV4&uach_m=[UACH]&cid=CAQSOwCNIrLMTrAGKWvhqnK4r-NUh4nfFfW9UfjFrKDCjfFB9_Oa9xXlkjBE4b9Qzv-ZZCmSd-Ukr61b4Iin&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0BA5 0
0 37ms
37ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPjtD3V4PDk-xVLWvRsYaa6v-f526WP5RhitTVE5rXuC617ts0upvzx9abEzzZo-y2NFWLB2Ymrw1fm-ghvvJJ4Zm-yA
Requested by: Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ACD7 624 B
297 B 63ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhie8qPAATAB&v=APEucNXM3VhfU5GppJPsVeRn8Jram9FgzhRZjCrWCItSn7NswftdLAx_bXOWVnlG3gxyPnhlLJVwGUr8lwzi2NmlXZEVsLvOvAy6pa_XeTkCbm81c3pZbsMPaQ7qOawbrs6JI4Hsf96nudYavrkgcsZlSdK0uOecIwCve3NMOiL-c-r4ye1PVoU

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 26 Jan 2022 17:16:18 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9417 77 KB
31 KB 106ms
87ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhaAZTzdsScMrHXDb1M5OMjKVD36-a3CyEVXIu2HNhAeFygsxKnab6is-enRjhmGTC6UDuLp5axkxLbQn71FbQoho72FGEZSCrMvlzSEcXD59zbOh9aDuJ3vYR_RsuoNwkCkKNrM99wxAOpuUxrBsOAu6MwA&dbm_d=AKAmf-A4tuiibKNGQhikJqAtUaroZLlaKnraJZrssE3ZHd3NhNaYhA-dhstqm-o67ia96qo4TkKRQ0EJkatxO2zgD_f2dpIPBAnuZzueq4QmWYxXgAiH1bLNR5R8KDayjWZ_NTPJcB3K_J7bmVJA9TAXnzAF10HNKf19d5CbaGqpi3whH9cLP3sQ6ZVvjH2RSGorircBFVY2PduM0BMU3v_GvDspGRD8tyS87uVgDsB3Imy1mmtvXro18QeoKzK_flpBvYwV8R6wyRsfu5iOStbcM-lQdy4-2nwKh0qe6uvfnu_4Sls9mwel4POStmZk9-2O5A8CfQpHGvqxERhSMUc5fpDGk2DRlk2CTfbt3qX2M_XDKHbpBEMyWhjmP72g7p1nNlhYvwBifuLBjXaj0lPiQh_T6LJerKyMvOQ514nXkN13NXMYhoWVFgMu1P7qIWnpHX_nO9Oy4O30heCNpLCMNLjRNOdXQmtLxXaEs9eAPQrMZ42OzCEdYWmhdgUJ7HXECGAE7s-f0xezPsm4u3vn7lLS-_lKpMJvPuhmqhniBMWR3W_8ia2kGGtR-frP1Zt-jXjHJZp1KgAGL56aPmdatcKrViePC00Ry22giv8WQBIUmqs1FHykEpXlZ-xPfWZLnpPLImBL0ZTL2NDYbhUIXyYsnCbNAJ3W2lPUBhNNAVud6-Rw4KBBIhy3oR_CTnYdPDOZrw0sehd9T2GdDqCHvyZPWAZA5pLE89pZeOYNsnUoNEKPL-M6GAEsAlO2VevPX7L37cBflmJYuC3qOIwprWaQPo1kwVR46ymVgSPpnmoVRvvDZUZI0SRmD9gFXI5ZW6NLykopkmAtmRs4VlUIhJadehrvZqiDzv1pfQk7RM1CS2GvxgAhtXsmV1GC7lSPo-tExKT3sTFeeJPBv-Frjap_9f31aW5YG0swjZjw2Qq4N6yoMPshTvHMj0oka1RGMV5NmcTskY7ZAymi7jjOC9MEclFqbIgv3rqjazmoXoquRysdZ7Al0HQ3_sWfWlnJsEL6D0aMM4fSYBEHUdmp81kMUlCR9y6H2b5rhVOKi81gK_yXE_UWOLQMAxIawJXQpwIxLk56IEsAUEz60SvpXKF_fDJu9PAu6k76eJKs0rrPjE48vYoEL4LtpGYyp2E1ybRJ9g0M_ZULbYej03S59e0hvHKVJ0UFmhKCZSi-yHfEeCxUasLjpuDs_wUZj1vHb8Nq5KjJka5E1i0fYQlmZAUr4kOt0ZSblZ4oVsTiULRUKzDUba9zibJakgJLNmCeSw0t9L3yJAOqr8slO7h69LAW5e6emBFYsiEWfMiynJw4NDKU7JQYYGm0WNX2KwvMG8vCaFimekovWFuk76q2jW5FBTFZxZpJ-ZNe4TrC4DW90rB5QGcc9vu4nxoLybPWSiF5rUv1PIbm2APJjZhsT5g8aD8ZsgNhZF8Z4b8iiMihOF_WP2IsGC9AuRBSG5mpfPJHYPGenG0LF_IIPnDlfjeH0CnaJntNKSXosOLO2Od9CPFt5x0FU5p5D6IF8FvGbHdAnjWMALWQPazwPL3OrWSl-ISCbiqdG6LGOpgDT0UAxL_iZXRoyN-gLV4wUjx6AniLsSpEqJPDfb3PpD5dgZMLBS1gUTJckLojoyBVzfFYw_p7NLTunNo89caAEr-ICBW8V5fLViG4bSVAIdsmeiRc7UcACGDKmK7RZu3QZGWY1J78pRQg2rA4JHaYRnUP-DzknBoiyxwR2o4YwKGexxRxVm-IHjdcxONu-DzRN_doEIfdwZ9v-6XaKW5-2_Bnbwq51QkSiF3nIgHtE2b2EXxyxPUFfYcjsScHKOTmP33r4olZy3hhxtEcN5n2oWCkPXj_yrVliZCqwlWHIeQX5PYRMyg0qPEVai6VlmGjsmIvRDcL-yHZG8YE6Gp4br6IQz-ydcVGhHDz_0STKh61y50Td2ikGxZT5fyjExNSYb-FLug5U_ft75IZOOptLtqQYp0liL9vxTYKEY2-DMWM7mR09GPx7e3nWSnVKEpd2y6K3r46E27MJWr6tQYKjXC7vdTyUbuq1ry44nPy4biWgU-xS5KOCZN-mHbX8RhdhlhkAFXWHwAPMMG8PlPgygvjglIu_WI3qJiseOavajkksMqAHRTJISvc7HnH6hOZn88up_VHUZtmO5Ctb4XqHMSFmmzWfImmGjnVqBshRU90kCWE-L0RIOEdeh9G-bqeHHXUeK4UVmfK9hIqsKi-yi9GlqLaimREiCRyEigufPo2PZFJUvX7vZtEuo0QMuGbZwU8U49M39StztCFcGjAGZsdRk_T2a641grg4EAwTFIZSADUZvUD2H2iwX1ug3OOz9TAjBzkkCPSYlfnSLf3BYW8ZiqCHWSaTaUGooYVhoD_NDWXhojw1Zw9VqqFhdDh1ZqCdLppsH-41OYO3tQjT_P3FvP210sJbzLnTC95v9klwh1CWa-kWwXFzQnY4d3fhw704pIFl3UTIihY-oUTKa5UJgxGcDIvOmhqsrEyhEW6yvSZkMv3Yt7wRyLSmeUvA82LKH-ryTCE7JM8QQc_JSLHAH1M7cPvNK0P-wrjrkqP2LOe1uy_JCcFYhLTdvEZBV5xqwyFGTeHBn3mu70a6HBjpGNt4DdvebrlAr6shl0icFyxwEmSjbWNLlIr2Qe6pX2rtHpJo7sRnb8ao_hz6o8rrNl0vh06XDQTCU0YV6Pofc3gUkXzEfxPYfh4bmRktG3tQ-XpuXWbvfZukXWJmLjSgv0vYV5SaB7ubbPVMlibU3f-VddLX5Az8ARSE60OIzyYJKHHrT9KELeFnAilu779Wy2fsQgtqJ-6ZwxBZm9AhMYS7Vr_WW1wd53udFy6BTAOQ94OEq4XXkO7gRCjm-gEYK66RyO1wl13h9YnVllNHj9wPtubZ4UBeDFPhG8aDz2samNNhIV3eoZWKQ7wTSpHe8yCpXxGBtGomGpW9zVmQBAbrDKyu29THz2uCHCG1WbEmDCZ3OLEuEjeIl76PYMKVsbUXjJdl2bj5ryXS_bF3dpZZEAv8e8dDtwwmPEKksKUmFiDhF1n0kw34ZUFvTfOBlyNtXQwsxSwIQztELZafHg1Cu0lbS-Avl1pi-z_TNqAjqQJ62uvYhMUDaws_NZfnQz-U6jizGVNQURJfqaWDMjghl0qZNK_iVdHzgcsiVjImSG0ptgGIrmez09hPgTftAnfDYUPqFPxl6AhpTkzXFGSka7Wo2CMXL-3ogatVv0VDPCZ2MCopkji_o8JXApVOUrJcyqf&cid=CAASEuRoewDnvw_qROi-3t5yTaRoEg&rfl=1%2Chttps%253A%252F%252Fhd.yalla-shoot.io%253A2096%252F%240

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cac341ef94496d025fab4b22b4729d14a04d9985045b740c14ba87fc9a89b320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31411
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9417 42 B
63 B 66ms
66ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Amk0Z6iy6o7aGKshjeuAdv0V1VjeeQYLGGwSdWyZj57-z91zM0uou9bOXbji5--2Zskdjv0wNWJxrOIs2o8JL2mP0rp0jOD5kStmBziZXleA0sM74

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 9417 2 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 17:00:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9417 122 KB
37 KB 103ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 17:16:18 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 9417 15 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:55:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9417 0
0 39ms
38ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6iKoe0y60lmmtu-6QUaPJykiEqrpzRbF3lb29oI7ak7oO1udFP8i-aYexFwWbrGsBgbWBw9deSKJVZ4mVV80CJAftTQ
Requested by: Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0BA5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06238bf4bb8ae46a4ff333b44e6a40d59395ce4d0f898d8829562dc7630d7a55

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0BA5 16 KB
16 KB 75ms
30ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hd.yalla-shoot.io:2096
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 98058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 14:02:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0BA5 15 KB
15 KB 70ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hd.yalla-shoot.io:2096
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 444990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 21 Jan 2023 13:39:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ACD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1&C=1

43 B
1013 B

40ms
40ms

Image
image/gif

104.90.181.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhie8qPAATAB&v=APEucNXM3VhfU5GppJPsVeRn8Jram9FgzhRZjCrWCItSn7NswftdLAx_bXOWVnlG3gxyPnhlLJVwGUr8lwzi2NmlXZEVsLvOvAy6pa_XeTkCbm81c3pZbsMPaQ7qOawbrs6JI4Hsf96nudYavrkgcsZlSdK0uOecIwCve3NMOiL-c-r4ye1PVoU
Protocol: HTTP/1.1
Server: 104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 Jan 2022 17:16:18 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 26 Jan 2022 17:16:18 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ACD7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfGB4sxzvg-XP9vHV-3T2QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1

43 B
1013 B

40ms
40ms

Image
image/gif

104.90.181.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhie8qPAATAB&v=APEucNXM3VhfU5GppJPsVeRn8Jram9FgzhRZjCrWCItSn7NswftdLAx_bXOWVnlG3gxyPnhlLJVwGUr8lwzi2NmlXZEVsLvOvAy6pa_XeTkCbm81c3pZbsMPaQ7qOawbrs6JI4Hsf96nudYavrkgcsZlSdK0uOecIwCve3NMOiL-c-r4ye1PVoU
Protocol: HTTP/1.1
Server: 104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 Jan 2022 17:16:19 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIzyx3vakSTx_lPudrWXFOo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ACD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM6-ETBwyoSNL5LJ1oSMHAY&google_cver=1

43 B
1008 B

32ms
32ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM6-ETBwyoSNL5LJ1oSMHAY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhie8qPAATAB&v=APEucNXM3VhfU5GppJPsVeRn8Jram9FgzhRZjCrWCItSn7NswftdLAx_bXOWVnlG3gxyPnhlLJVwGUr8lwzi2NmlXZEVsLvOvAy6pa_XeTkCbm81c3pZbsMPaQ7qOawbrs6JI4Hsf96nudYavrkgcsZlSdK0uOecIwCve3NMOiL-c-r4ye1PVoU

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:18 GMT
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 814a3cd1-1bb8-4408-93fa-65201eb5f30d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM6-ETBwyoSNL5LJ1oSMHAY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ACD7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3ODk5NTY5OTc2NjE2NDYyNw%3D%3D

170 B
243 B

57ms
57ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3ODk5NTY5OTc2NjE2NDYyNw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:18 GMT
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a1acb866-bd97-4896-a815-04dc23fd840c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3ODk5NTY5OTc2NjE2NDYyNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_obb_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9417 119 KB
42 KB 66ms
29ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
Origin: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 11:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42555
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 11:12:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 9417 8 KB
3 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhaAZTzdsScMrHXDb1M5OMjKVD36-a3CyEVXIu2HNhAeFygsxKnab6is-enRjhmGTC6UDuLp5axkxLbQn71FbQoho72FGEZSCrMvlzSEcXD59zbOh9aDuJ3vYR_RsuoNwkCkKNrM99wxAOpuUxrBsOAu6MwA&dbm_d=AKAmf-A4tuiibKNGQhikJqAtUaroZLlaKnraJZrssE3ZHd3NhNaYhA-dhstqm-o67ia96qo4TkKRQ0EJkatxO2zgD_f2dpIPBAnuZzueq4QmWYxXgAiH1bLNR5R8KDayjWZ_NTPJcB3K_J7bmVJA9TAXnzAF10HNKf19d5CbaGqpi3whH9cLP3sQ6ZVvjH2RSGorircBFVY2PduM0BMU3v_GvDspGRD8tyS87uVgDsB3Imy1mmtvXro18QeoKzK_flpBvYwV8R6wyRsfu5iOStbcM-lQdy4-2nwKh0qe6uvfnu_4Sls9mwel4POStmZk9-2O5A8CfQpHGvqxERhSMUc5fpDGk2DRlk2CTfbt3qX2M_XDKHbpBEMyWhjmP72g7p1nNlhYvwBifuLBjXaj0lPiQh_T6LJerKyMvOQ514nXkN13NXMYhoWVFgMu1P7qIWnpHX_nO9Oy4O30heCNpLCMNLjRNOdXQmtLxXaEs9eAPQrMZ42OzCEdYWmhdgUJ7HXECGAE7s-f0xezPsm4u3vn7lLS-_lKpMJvPuhmqhniBMWR3W_8ia2kGGtR-frP1Zt-jXjHJZp1KgAGL56aPmdatcKrViePC00Ry22giv8WQBIUmqs1FHykEpXlZ-xPfWZLnpPLImBL0ZTL2NDYbhUIXyYsnCbNAJ3W2lPUBhNNAVud6-Rw4KBBIhy3oR_CTnYdPDOZrw0sehd9T2GdDqCHvyZPWAZA5pLE89pZeOYNsnUoNEKPL-M6GAEsAlO2VevPX7L37cBflmJYuC3qOIwprWaQPo1kwVR46ymVgSPpnmoVRvvDZUZI0SRmD9gFXI5ZW6NLykopkmAtmRs4VlUIhJadehrvZqiDzv1pfQk7RM1CS2GvxgAhtXsmV1GC7lSPo-tExKT3sTFeeJPBv-Frjap_9f31aW5YG0swjZjw2Qq4N6yoMPshTvHMj0oka1RGMV5NmcTskY7ZAymi7jjOC9MEclFqbIgv3rqjazmoXoquRysdZ7Al0HQ3_sWfWlnJsEL6D0aMM4fSYBEHUdmp81kMUlCR9y6H2b5rhVOKi81gK_yXE_UWOLQMAxIawJXQpwIxLk56IEsAUEz60SvpXKF_fDJu9PAu6k76eJKs0rrPjE48vYoEL4LtpGYyp2E1ybRJ9g0M_ZULbYej03S59e0hvHKVJ0UFmhKCZSi-yHfEeCxUasLjpuDs_wUZj1vHb8Nq5KjJka5E1i0fYQlmZAUr4kOt0ZSblZ4oVsTiULRUKzDUba9zibJakgJLNmCeSw0t9L3yJAOqr8slO7h69LAW5e6emBFYsiEWfMiynJw4NDKU7JQYYGm0WNX2KwvMG8vCaFimekovWFuk76q2jW5FBTFZxZpJ-ZNe4TrC4DW90rB5QGcc9vu4nxoLybPWSiF5rUv1PIbm2APJjZhsT5g8aD8ZsgNhZF8Z4b8iiMihOF_WP2IsGC9AuRBSG5mpfPJHYPGenG0LF_IIPnDlfjeH0CnaJntNKSXosOLO2Od9CPFt5x0FU5p5D6IF8FvGbHdAnjWMALWQPazwPL3OrWSl-ISCbiqdG6LGOpgDT0UAxL_iZXRoyN-gLV4wUjx6AniLsSpEqJPDfb3PpD5dgZMLBS1gUTJckLojoyBVzfFYw_p7NLTunNo89caAEr-ICBW8V5fLViG4bSVAIdsmeiRc7UcACGDKmK7RZu3QZGWY1J78pRQg2rA4JHaYRnUP-DzknBoiyxwR2o4YwKGexxRxVm-IHjdcxONu-DzRN_doEIfdwZ9v-6XaKW5-2_Bnbwq51QkSiF3nIgHtE2b2EXxyxPUFfYcjsScHKOTmP33r4olZy3hhxtEcN5n2oWCkPXj_yrVliZCqwlWHIeQX5PYRMyg0qPEVai6VlmGjsmIvRDcL-yHZG8YE6Gp4br6IQz-ydcVGhHDz_0STKh61y50Td2ikGxZT5fyjExNSYb-FLug5U_ft75IZOOptLtqQYp0liL9vxTYKEY2-DMWM7mR09GPx7e3nWSnVKEpd2y6K3r46E27MJWr6tQYKjXC7vdTyUbuq1ry44nPy4biWgU-xS5KOCZN-mHbX8RhdhlhkAFXWHwAPMMG8PlPgygvjglIu_WI3qJiseOavajkksMqAHRTJISvc7HnH6hOZn88up_VHUZtmO5Ctb4XqHMSFmmzWfImmGjnVqBshRU90kCWE-L0RIOEdeh9G-bqeHHXUeK4UVmfK9hIqsKi-yi9GlqLaimREiCRyEigufPo2PZFJUvX7vZtEuo0QMuGbZwU8U49M39StztCFcGjAGZsdRk_T2a641grg4EAwTFIZSADUZvUD2H2iwX1ug3OOz9TAjBzkkCPSYlfnSLf3BYW8ZiqCHWSaTaUGooYVhoD_NDWXhojw1Zw9VqqFhdDh1ZqCdLppsH-41OYO3tQjT_P3FvP210sJbzLnTC95v9klwh1CWa-kWwXFzQnY4d3fhw704pIFl3UTIihY-oUTKa5UJgxGcDIvOmhqsrEyhEW6yvSZkMv3Yt7wRyLSmeUvA82LKH-ryTCE7JM8QQc_JSLHAH1M7cPvNK0P-wrjrkqP2LOe1uy_JCcFYhLTdvEZBV5xqwyFGTeHBn3mu70a6HBjpGNt4DdvebrlAr6shl0icFyxwEmSjbWNLlIr2Qe6pX2rtHpJo7sRnb8ao_hz6o8rrNl0vh06XDQTCU0YV6Pofc3gUkXzEfxPYfh4bmRktG3tQ-XpuXWbvfZukXWJmLjSgv0vYV5SaB7ubbPVMlibU3f-VddLX5Az8ARSE60OIzyYJKHHrT9KELeFnAilu779Wy2fsQgtqJ-6ZwxBZm9AhMYS7Vr_WW1wd53udFy6BTAOQ94OEq4XXkO7gRCjm-gEYK66RyO1wl13h9YnVllNHj9wPtubZ4UBeDFPhG8aDz2samNNhIV3eoZWKQ7wTSpHe8yCpXxGBtGomGpW9zVmQBAbrDKyu29THz2uCHCG1WbEmDCZ3OLEuEjeIl76PYMKVsbUXjJdl2bj5ryXS_bF3dpZZEAv8e8dDtwwmPEKksKUmFiDhF1n0kw34ZUFvTfOBlyNtXQwsxSwIQztELZafHg1Cu0lbS-Avl1pi-z_TNqAjqQJ62uvYhMUDaws_NZfnQz-U6jizGVNQURJfqaWDMjghl0qZNK_iVdHzgcsiVjImSG0ptgGIrmez09hPgTftAnfDYUPqFPxl6AhpTkzXFGSka7Wo2CMXL-3ogatVv0VDPCZ2MCopkji_o8JXApVOUrJcyqf&cid=CAASEuRoewDnvw_qROi-3t5yTaRoEg&rfl=1%2Chttps%253A%252F%252Fhd.yalla-shoot.io%253A2096%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 17:12:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 9417 24 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
server: cafe
etag: 6261108306223674270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 17:15:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9417 41 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C73 1 KB
749 B 31ms
31ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 26 Jan 2022 05:53:44 GMT
expires: Thu, 27 Jan 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 40954
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9417 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b33c64cf453e0ee61981dae8451ae03812a5500986ffae2a305e58457c22a3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B649 22 KB
8 KB 26ms
25ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 21925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 153ms
74ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:18 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jan 2022 17:16:18 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 5 KB
2 KB 64ms
30ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a54dafe7e76ff4c3c990e3872fef7aaaa521669625faf3fc8573bf34664c7b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1512
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 17:01:27 GMT
expires: Tue, 24 Jan 2023 17:01:27 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
content-type: text/html
age: 173691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9417 0
571 B 191ms
117ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9jCDQ3kSGVF6kr4eoXq9oDQY0dU2jj5C37J1FJtJrWJRnl6nzxMT77UXBodlQnLp-wyYVOc3mj4rStJMeM8BZTVQ6BeKHKi2CmNGQ8HGm3-5z-GeABd-MKi8B-JVMS261ZjWbHoVzdgLx-C8Zstabrxf5ml7zM1WisgLjUQl_a8FyW9B4-AU0VmEi7mRbQToed86o1npcG2MyMx0S7mXPZiB-zp6rDTNtjeNKxS0wuEwrmAeKTVIWVDjAQbpNTJGXW1UNWQCz3h6RyTLQDiM2ocvkJaENwOSHzWXD7KnBWBSnehhLQsxx2eqU0xdXtUIs3LdtALrfJXS5MxArs1VohuTIg7-Mj4uGCmg7B0-4DBZo2fwLdlOyuH5fGCMi_DfQhwpD-4pX8z6vuCNult1AMPvs_uDo0V1ghnvOYKYtoORx24CyJMKuF8_iZ07HdSwFkJ6SDGmlczbNzZM_S0P0Ua195Q4PmpK72KKDSOLUTyn6IMJ28dAlJouLzg959lGj5zXHnmH3uvfN1cicjx41NbJTQiH_lJCACA_bR7AwZnLtS1NWH1hFtoUym3DSg2CLwx3fd8W5taC0wDKVuoRYqDlVVBB5czBip1uMDJ-RTwdGaZ4y4K4YW0xMbeLSWYnq-fI96A6DIPKLNSyPEbOmHYrEOpOedK23jKX4kOM4kF5i3rWU0kjh0ZWq-4HGAZa9oeLe4qyd_ycIiNmPCUzH5W37R3lu3b5LwYT_jQNmjsRpvHEls8D6hxGSwOkcMdHzTokZbRpmPnB4iDthF_X3b2fgbzX4D41qUWT_V2TGgAEx4j7gzr_Aws-LgVqGDzm-JUdoBUmef1fGcyYMmqK1Ko15-6B8xj0AehaWBxBpd2ZSsaubevwiOgQLCvJg5t2r2JX-8LwuJX6BwKlbG8kJ0GOk1YVMjs9m8rozig-XSMWCbA7rWuzwUgcUYnIytaj8b1t9pUjIsFuxCLFDmH8vXHVzvqje5GxdD-Q6C398zcMtWhVNZN62WNkSC1glFuvGRd0lMMtpkB033lV_Hyyu7F3C9HAjOvT063qgT5PyizIYrLFw1JeH1diQhAnfV1PU-6OxPXzCGeB9YIWQjg9aq24aSx3CgK6PxN0APDDsO-L8RK1ZNvhUTyrgV55PeDr78EpQnfGWDK8V26EXV8PL03d6lNSTNZsPawzVzfB7VOJR_SG4SS1hDQEqZb4tV-cHhgt7u6gEsImiAW4PbhqixNoRhkn3oYi5zrls3s6O8GSqY23EUC6USN3FVZv1TYEj1pYrgsMpl6OQ_hnc5I3cDq--Cna8kBtVrXrXqvOaH1eK00k1W9s&sai=AMfl-YTCjLXewhYKfjW_A6DpU8PER3gR13kUtQX1qxzyTyz93iEliXN0A8Tb-XQCexrwVIQKu17eQ-S-odfy8Wti3hNuHxesHjysiiTI-P_n7RRXe4AIdNMh0yVyWbPJxVrWG11TT0XEeNAeywewcBBnFYWMhx5MU7vzN9pqmJVsMmEWfol2S5lF7Q&sig=Cg0ArKJSzCCfQElg1VNuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=122&cbvp=1&cstd=119&cisv=r20220120.13567&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 26 Jan 2022 17:16:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8C73 35 B
463 B 107ms
34ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWGvRfvbEUVKinLo-2EccU&google_cver=1&google_push=AYg5qPIm-mqciDT3kjKKaV6LvAD6rqn0Q9siMjAoJl9kmTZRf7DCeLNHX6h5jpocD-kBHnIIkR8I6flrOr2HRGURlJQlCvZU8ifi

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C73
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Uk01VFdaTWgxTmNMVTc1&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cver=1&google_push=AYg5qPIYbwOcsu6mcCGxg6YDbNDdV3_dsgyYp69pXUCaxNV...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Uk01VFdaTWgxTmNMVTc1&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cver=1&google_push=AYg5qPIYbwOcsu6mcCGxg6YDbNDdV3_dsgyYp69pXUCaxNVdlj2pVPsCpeAgpqXAnPcwv_s7hZPz1SewXDIy96Igw-npD_yiDRUC

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 17:16:19 GMT
Server: PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-033800adeb42c37e1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Uk01VFdaTWgxTmNMVTc1&google_gid=CAESEFwQST2CihEKluaV0TEVFbA&google_cver=1&google_push=AYg5qPIYbwOcsu6mcCGxg6YDbNDdV3_dsgyYp69pXUCaxNVdlj2pVPsCpeAgpqXAnPcwv_s7hZPz1SewXDIy96Igw-npD_yiDRUC
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C73
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGtgrspD_vO_Szd_My2KQs4&google_cver=1&google_push=AYg5qPIwO__sBbg_9ceTU-jqd6VMECqsKMdo5ddOdmOQFzsRnYLEl-HbDnMisCrAHeHy7xrpJRH71EaSpiAW7aom9_Pw_oI2shh_
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEE220B193D044D59E9839ACB9C26CD4&google_push=AYg5qPIwO__sBbg_9ceTU-jqd6VMECqsKMdo5ddOdmOQFzsRnYLEl-HbDnMisCrAHeHy7xrpJRH71EaSpiAW7ao...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEE220B193D044D59E9839ACB9C26CD4&google_push=AYg5qPIwO__sBbg_9ceTU-jqd6VMECqsKMdo5ddOdmOQFzsRnYLEl-HbDnMisCrAHeHy7xrpJRH71EaSpiAW7aom9_Pw_oI2shh_

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Jan 2022 17:16:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FEE220B193D044D59E9839ACB9C26CD4&google_push=AYg5qPIwO__sBbg_9ceTU-jqd6VMECqsKMdo5ddOdmOQFzsRnYLEl-HbDnMisCrAHeHy7xrpJRH71EaSpiAW7aom9_Pw_oI2shh_
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 25 Jan 2022 17:16:18 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8C73 70 B
265 B 178ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOlNNDO3Q5x7aEhXZgev5VI&google_cver=1&google_push=AYg5qPK9diubEA51Yk01xpHHB2MYSSfIHy6RfIbmTPwWTUHhynuQuVpKceJVR_dyevVNVpR2WpYy9UgUfZSTrVwDVIF7nTJyuOQ4
Requested by: Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C73
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENDZzD_qoqqZM5XCeDT-J08&google_cver=1&google_push=AYg5qPJjc9y1Qa5nTc1V2TmGV2a0PC65UBdkxeV5AlSe9d5E2xtoxF9J5axWb-3Hv48X1YB4AZKVLDzGCKQV8lTd...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJjc9y1Qa5nTc1V2TmGV2a0PC65UBdkxeV5AlSe9d5E2xtoxF9J5axWb-3Hv48X1YB4AZKVLDzGCKQV8lTdv8SJHHMJvMo

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJjc9y1Qa5nTc1V2TmGV2a0PC65UBdkxeV5AlSe9d5E2xtoxF9J5axWb-3Hv48X1YB4AZKVLDzGCKQV8lTdv8SJHHMJvMo

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Jan 2022 17:16:18 GMT
via: 1.1 40cf8ac59708b6770beb4d2d04bc6ae8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG3-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJjc9y1Qa5nTc1V2TmGV2a0PC65UBdkxeV5AlSe9d5E2xtoxF9J5axWb-3Hv48X1YB4AZKVLDzGCKQV8lTdv8SJHHMJvMo
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: VsHNyoTijohzvZEm-dJQhigbaN5RD9TgVhW5iUojthHVCx6WszbHgg==

GET

pixel
cm.g.doubleclick.net/ Frame 8C73
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEJmAmcc7hfHQGNctTatwF1o&google_cver=1&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C73
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJKR49cG1CAcJa8bxwQZKjk&google_cver=1&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuH...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJKR49cG1CAcJa8bxwQZKjk&google_cver=1&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuH...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM2JpVUk1RTJ1RlJTejNfMVlmVHVwSFgxUUFyUXVwOX5B&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOF...

170 B
188 B

60ms
60ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM2JpVUk1RTJ1RlJTejNfMVlmVHVwSFgxUUFyUXVwOX5B&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuHayocWNKQdOm4KR_K3ptApwAiF6

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1qM2JpVUk1RTJ1RlJTejNfMVlmVHVwSFgxUUFyUXVwOX5B&google_push=AYg5qPLX9ePBx71N1TV_JOxaf-gxtDO2lyDNJdwPSc6qXJVhtgIJnEHOFPHA3HwdxKZ8TS3GuHayocWNKQdOm4KR_K3ptApwAiF6
date: Wed, 26 Jan 2022 17:16:19 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C73 0
12 B 79ms
40ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3G2ZnQE2k_4bBpmrah544aiaxzmMPcPWSk-uAdKmnNLRsLYuZ3qQv0Lc8xOetdLuVHyy9QQ

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js Show response
pagead2.googlesyndication.com/bg/ Frame B649 35 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 16:27:07 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 2 KB
668 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c21c1850a71a04c2d7550483d28a6425c31389419d067dec1231857ab1e3bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 639
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:28 GMT

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 955 B
982 B 29ms
29ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/background.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

795301e5512f0eecdb5e45becbd86a92f481a3d58c2ae65a5981b190cdb4bacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 rakete.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 19 KB
19 KB 32ms
30ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/rakete.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cceffc5ef7bc6479428d3987aa4f9f091c4fefdf21c6369e8e1bc07dc5510183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19599
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 pfeil.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 2 KB
2 KB 46ms
44ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/pfeil.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb50a48f0edff21560acabb2af20527147467c21adbbcfc9296c9ab0bd2c041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 2 KB
2 KB 44ms
42ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/h1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e940a28c6321cbb27ba29a64d4aaf8e3f9a24d92741f70b0e045068537361505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2265
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 9 KB
9 KB 41ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/h2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d4ead01adb1066b85bddaaf898d0e055d7e0d8a5f6d5d66f8d2a5140bb248fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8952
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 1 KB
1 KB 53ms
51ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/h3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a312905827bd9365ea455ffe6a3eb4b3ec02f496c106f350c539850256f4c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1232
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 975 B
1002 B 50ms
48ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/preis.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

715156e209d470e910aad2b204a907fd9b92dd2e66c53d832d3b83c7f4bf3c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 stoerer01.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 2 KB
2 KB 47ms
46ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/stoerer01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f32d415d66b62c1968f46da380ad465481870224196873df2cfb1b76106503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:59:54 GMT
x-content-type-options: nosniff
age: 80184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1797
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 18:59:54 GMT

GET
H3 200 stoerer02.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 2 KB
2 KB 50ms
48ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/stoerer02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

107353ac106004db1429e727d66516f1d1dbb5dd48593f355d710ac96d7a1d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 3 KB
3 KB 50ms
49ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4673ff49766aff60d73593d134868ea3f839f0627555e5519ce5f34561271191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2954
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 laufzeit.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 588 B
615 B 48ms
46ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/laufzeit.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87833af0096d5a6b7a9663c2c73715de7560a96cdc31b69bfefcfe12fabb17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 button.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 773 B
800 B 48ms
46ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/button.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

987e3dc27bea6427125ca8314cc4c0ef992dcb78b0c1db60653491b9c89c6570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 773
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H3 200 border.png
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 152 B
179 B 53ms
52ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/border.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d17abe6a44fe8b727a8282982c49a6defe969b90941f868c7191aa9b59f2f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:26 GMT
x-content-type-options: nosniff
age: 173692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:26 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame AF87 63 KB
23 KB 97ms
56ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2759854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
timing-allow-origin: *
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqcSVK5dn%2FqX8VRmLcJHoR%2FLbQL5AUo2pqgqD52Y%2Bb4ru1H%2BYiY%2Bh%2BrdB6HMdVQAi9Z9Y9p3mANO5G3y%2BVN3CtybuwgKaZ%2FaMtTvYlaUm1U4%2FB1CLpbacvXjTJuLsmDFcEH97ILfEbbUgDYCDwIjxzJg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3b636aedd783a3-MXP
expires: Mon, 16 Jan 2023 17:16:19 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/ Frame AF87 2 KB
575 B 30ms
29ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8f676ce02d3570e309045fcda1e45ed2561911d68bed298639eb84dd32276e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4762816952046261558/km_202201_15GB-1499_LTE50_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 546
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 11:50:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 17:01:28 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6519 13 KB
5 KB 105ms
35ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hd.yalla-shoot.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2047
date: Wed, 26 Jan 2022 17:16:18 GMT
content-length: 5182
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
28 KB 111ms
40ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:19 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 04:27:55 GMT
server: nginx
etag: W/"61ee2acb-16429"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jan 2022 17:16:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B649 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlMSI4oHxYfCHKNyFlQessabQAgAAAAA4AeAEAg&bg=!kZKlktbNAAZ_DxPPfw87ACkAdvg8Wm__xcqGick9XZo9kAoDscBU3muj7FWqJsJrC5BNFGaO78RTFQIAAABlUgAAAAJoAQeZAwuXDXy45-WJEHGLlZ6wLaHAcY9a5JOigBesq8TltKnrP5kBhgFKEM-631tb4D3d18HJHEjxlUQWP_g58aVn3nueNhRHyyxmXoNF0kb4cL9lymxRW4Sey_JVKElN91XHYK_MTWe61FqMeEzIULWoFxj9yut9zrQFq6c_rhYK7RCRQ7o68WY7Yo_JvpafPw4BuNNz6LXxvERGuv-v7cNu7dJqVxgmqrHrYsic0gbmymLAFs-ai-4HRI-pPYtdZFu9EHRWGSOr0MjEWjErdkmq7LOnwmvK9BbJkZWlyTPorgyjLNYSO_amr30pO-RWI1EqUQyBJ53QLWOemRg2gNur9-G0dWVQNxTtl_OUKJcsBmWKF9fdDaBsGUI_JqzuG99qEzbYs32yiZ9OppKn3XATxC0L1go9A77VgYpn9hBovkH7BgcLoD198txoyukEGizmEjOs1rHVthKCqVSyMWRrCkumkA6ucAFTf3vvju6iATYSMi2YD5ozJKpl4E6sO98B9aBp9FRJH605nFKEE_9JGfmALiU8NHxPY4hb0aEnjVpkz0dWtQw517fNHJZgBMDDJmzAu-s4-8epuEswARDq7QZVL82tTYWaY2c4L7rI3cfhbiCbhs10WUNOoj7yntIyVJbmd77iJSjnnoqFymTjvwBkagKaF_6b4JYur0LQzmZ7qqFIwuB6HdoZJg46_18NiCGovvfb1GKC5HUHa5KaSlj-H5Ttsrgh1ZVcNoEJPzwUWIgrydc88l88AcRQ1QMwJw0syIlrO8JPp3FFayJX941aG0ceF2CvZy5kkJMYZIargTAtsnuLR3slDn_YnCIqOkeLnU0Qr7S-q37oh_9z8-6Zg4CYA9MF2U8DmMXlEAZmgPuL5eG4TfZqiwYkji_VzqzUXo7VmrWh68KjFZENCsjQFjGYGKGhiskgJJwJ9_zwZ822PlKaeQz6mfToqGI8LK2pvzdbgH9nktswmpktl6sSsuzyFWYlLA_STCpHMo_rgIyH2hyQ2gD5qnmIA5Iq-ipCqBAbc8vg5nS4JQ

Requested by

Host: c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
URL: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9417 0
23 B 108ms
65ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9jCDQ3kSGVF6kr4eoXq9oDQY0dU2jj5C37J1FJtJrWJRnl6nzxMT77UXBodlQnLp-wyYVOc3mj4rStJMeM8BZTVQ6BeKHKi2CmNGQ8HGm3-5z-GeABd-MKi8B-JVMS261ZjWbHoVzdgLx-C8Zstabrxf5ml7zM1WisgLjUQl_a8FyW9B4-AU0VmEi7mRbQToed86o1npcG2MyMx0S7mXPZiB-zp6rDTNtjeNKxS0wuEwrmAeKTVIWVDjAQbpNTJGXW1UNWQCz3h6RyTLQDiM2ocvkJaENwOSHzWXD7KnBWBSnehhLQsxx2eqU0xdXtUIs3LdtALrfJXS5MxArs1VohuTIg7-Mj4uGCmg7B0-4DBZo2fwLdlOyuH5fGCMi_DfQhwpD-4pX8z6vuCNult1AMPvs_uDo0V1ghnvOYKYtoORx24CyJMKuF8_iZ07HdSwFkJ6SDGmlczbNzZM_S0P0Ua195Q4PmpK72KKDSOLUTyn6IMJ28dAlJouLzg959lGj5zXHnmH3uvfN1cicjx41NbJTQiH_lJCACA_bR7AwZnLtS1NWH1hFtoUym3DSg2CLwx3fd8W5taC0wDKVuoRYqDlVVBB5czBip1uMDJ-RTwdGaZ4y4K4YW0xMbeLSWYnq-fI96A6DIPKLNSyPEbOmHYrEOpOedK23jKX4kOM4kF5i3rWU0kjh0ZWq-4HGAZa9oeLe4qyd_ycIiNmPCUzH5W37R3lu3b5LwYT_jQNmjsRpvHEls8D6hxGSwOkcMdHzTokZbRpmPnB4iDthF_X3b2fgbzX4D41qUWT_V2TGgAEx4j7gzr_Aws-LgVqGDzm-JUdoBUmef1fGcyYMmqK1Ko15-6B8xj0AehaWBxBpd2ZSsaubevwiOgQLCvJg5t2r2JX-8LwuJX6BwKlbG8kJ0GOk1YVMjs9m8rozig-XSMWCbA7rWuzwUgcUYnIytaj8b1t9pUjIsFuxCLFDmH8vXHVzvqje5GxdD-Q6C398zcMtWhVNZN62WNkSC1glFuvGRd0lMMtpkB033lV_Hyyu7F3C9HAjOvT063qgT5PyizIYrLFw1JeH1diQhAnfV1PU-6OxPXzCGeB9YIWQjg9aq24aSx3CgK6PxN0APDDsO-L8RK1ZNvhUTyrgV55PeDr78EpQnfGWDK8V26EXV8PL03d6lNSTNZsPawzVzfB7VOJR_SG4SS1hDQEqZb4tV-cHhgt7u6gEsImiAW4PbhqixNoRhkn3oYi5zrls3s6O8GSqY23EUC6USN3FVZv1TYEj1pYrgsMpl6OQ_hnc5I3cDq--Cna8kBtVrXrXqvOaH1eK00k1W9s&sai=AMfl-YTCjLXewhYKfjW_A6DpU8PER3gR13kUtQX1qxzyTyz93iEliXN0A8Tb-XQCexrwVIQKu17eQ-S-odfy8Wti3hNuHxesHjysiiTI-P_n7RRXe4AIdNMh0yVyWbPJxVrWG11TT0XEeNAeywewcBBnFYWMhx5MU7vzN9pqmJVsMmEWfol2S5lF7Q&sig=Cg0ArKJSzCCfQElg1VNuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=343&vt=11&dtpt=221&dett=3&cstd=119&cisv=r20220120.13567&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9417 6 KB
5 KB 74ms
41ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad487645c0cc22a79609624b1107bc93f15c92ec026705f372ac66e9bb0d1bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 17:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4779
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6519
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=yalla-shoot.io&sn=ChromeSyncframe&so=0&topUrl=hd.yalla-shoot.io&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=PWr-TXxQRmJpbW0yQllyNHZPUG05UXRlYTBLTkYzTHYrWjJla2ZCUjhFdStwbE9WZTRPd1Q5RHdYRWY3T2x5OEppQ0EwazVrLzc1NHpRNTNpM0hVZzh5Z0E0Q2pTaGhqNWkxZzRLT242VHJJRkdDeE94bFR1TEhhYm13dl...

425 B
629 B

365ms
47ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PWr-TXxQRmJpbW0yQllyNHZPUG05UXRlYTBLTkYzTHYrWjJla2ZCUjhFdStwbE9WZTRPd1Q5RHdYRWY3T2x5OEppQ0EwazVrLzc1NHpRNTNpM0hVZzh5Z0E0Q2pTaGhqNWkxZzRLT242VHJJRkdDeE94bFR1TEhhYm13dlo4S1NXUkpUa0JIa1ZxbjNzOG8zTGQ2UDFGeWxVbzFIUHRQTnZ6UG85Qy9DTi9TNkcveG9aMTErdUVSZjI4dkFSREJqYWgrN3ZCMWNmV3o5Zzg0dlhCNVhNeEVLaVhlRHljRjV4aVRzdHI2eThOelB3c2Z6dVZodFp2MWgrbUh3YWJ3NHhyeGRZWlphd2RHK1RnVlg5Z2RmdXpsb3QrZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3a9e6a619ecdef60103547d9ba3c010c53028bccadd7340be513ce7ad7cb0b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4144
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:18 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=PWr-TXxQRmJpbW0yQllyNHZPUG05UXRlYTBLTkYzTHYrWjJla2ZCUjhFdStwbE9WZTRPd1Q5RHdYRWY3T2x5OEppQ0EwazVrLzc1NHpRNTNpM0hVZzh5Z0E0Q2pTaGhqNWkxZzRLT242VHJJRkdDeE94bFR1TEhhYm13dlo4S1NXUkpUa0JIa1ZxbjNzOG8zTGQ2UDFGeWxVbzFIUHRQTnZ6UG85Qy9DTi9TNkcveG9aMTErdUVSZjI4dkFSREJqYWgrN3ZCMWNmV3o5Zzg0dlhCNVhNeEVLaVhlRHljRjV4aVRzdHI2eThOelB3c2Z6dVZodFp2MWgrbUh3YWJ3NHhyeGRZWlphd2RHK1RnVlg5Z2RmdXpsb3QrZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1883
content-length: 541
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9417 17 KB
6 KB 174ms
174ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 17:16:19 GMT

GET
H3 200 vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js Show response
pagead2.googlesyndication.com/bg/ Frame BA67 35 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 16:27:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9417 42 B
64 B 100ms
99ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyJvV9Q2UklEOeMnuXVmUxlp6z2GNsjRSgQBTs_paUSsa4wA4WqhtZ5_XuBzB2IQsbcD2ykfI3Sc8BIMAQytxP_z6Y3n_DIehEwVmMxlKs_loxI5Mniw&sai=AMfl-YSH53EWizVINlybbe1APU7eGIfN90hWQiAZCn6DWWOWHZ1wkXz149GmoPC8fpZXPTbWbnysI55eRUwLWLSRamdfBJolmfJt6DftC3BLnqL917Rb9-708zeGgns&sig=Cg0ArKJSzAonJIrqMwKGEAE&cid=CAASEuRoewDnvw_qROi-3t5yTaRoEg&id=lidar2&mcvt=1001&p=110,650,360,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=558348788&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643217378571&rpt=226&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0BA5 42 B
64 B 120ms
120ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlst44AriJ29U04PhtRVuJ_FNOvtuBAWYgl_dsEHzld4_4gnNrl7d4sqz9r_aJllM-uFL6MSERU-D1Kdr5g3RnOqrYgdrR689a6zWweeApR3V1xytLbQ&sai=AMfl-YTb4IaRM_A7GJI4bX8DoTkKhFIdFvbT2SiHf5YpYgXQhm9rWykLACKTrXNMeizGqlfhfMqEWXy7oBiPZOvjbQoa0kmLs2rypRfg0hjk9yeGXQIjXfzQqjHPLm8&sig=Cg0ArKJSzE9au4fsGMgsEAE&cid=CAASEuRo3JF81cN-F4XSya2PxMoTNw&id=ampim&o=315,1054&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=338&tls=1338&g=58.399999141693115&h=58.399999141693115&tt=1338&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1449004331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 100ms
34ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&domain=hd.yalla-shoot.io&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hd.yalla-shoot.io:2096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://hd.yalla-shoot.io:2096
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1490
date: Wed, 26 Jan 2022 17:16:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&domain=hd.yalla-shoot.io&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=XPd_-nxVdmV4L2J4M2hWYndwUWd4cEZtbmdUSXAvejd4RTN4cVF6dnhadXdzRUEwY0NjZFNHdGtBZEh5ZmtXM1IyNTRqTTZkR3oxSDR4QmtWY29JSWZBOG03YUxsczNQSEJqZk9IVFBoa045aEExS0pMZEI0QlZibndiSk...

454 B
690 B

35ms
35ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XPd_-nxVdmV4L2J4M2hWYndwUWd4cEZtbmdUSXAvejd4RTN4cVF6dnhadXdzRUEwY0NjZFNHdGtBZEh5ZmtXM1IyNTRqTTZkR3oxSDR4QmtWY29JSWZBOG03YUxsczNQSEJqZk9IVFBoa045aEExS0pMZEI0QlZibndiSk5xL3hzVWRienZTWHlET094RG9NWEFZTytYWWtIblJTSU81MFQ0SkkzTDRmNlRIVzJjam9seG1NZCtLU2k3aEZyZ0VYZWt1RkowM2pRZ3dhbHRvK1ZDR0EyUUJ0eTBQc0haRVpwTFVtVHl4RmdnQ2hONEJmcy9FNUR3K2tHaU1vbzRYcHN0eWNJcWZqWTZjUlNLd2NxWnYzNTI0N09XWDlIV0pBeWp6N25qVVBIc0t3Tjdwbz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

705a36e7c13020d63dc8bd98b93d4fd8d0ae1a938082162a5611ae40f57b263d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://hd.yalla-shoot.io:2096/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2975
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 17:16:19 GMT
location: https://mug.criteo.com/sid?cpp=XPd_-nxVdmV4L2J4M2hWYndwUWd4cEZtbmdUSXAvejd4RTN4cVF6dnhadXdzRUEwY0NjZFNHdGtBZEh5ZmtXM1IyNTRqTTZkR3oxSDR4QmtWY29JSWZBOG03YUxsczNQSEJqZk9IVFBoa045aEExS0pMZEI0QlZibndiSk5xL3hzVWRienZTWHlET094RG9NWEFZTytYWWtIblJTSU81MFQ0SkkzTDRmNlRIVzJjam9seG1NZCtLU2k3aEZyZ0VYZWt1RkowM2pRZ3dhbHRvK1ZDR0EyUUJ0eTBQc0haRVpwTFVtVHl4RmdnQ2hONEJmcy9FNUR3K2tHaU1vbzRYcHN0eWNJcWZqWTZjUlNLd2NxWnYzNTI0N09XWDlIV0pBeWp6N25qVVBIc0t3Tjdwbz18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hd.yalla-shoot.io:2096
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1862
content-length: 567
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 212 B
539 B 1067ms
253ms XHR
application/json 51.89.7.205

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456449/hb_502684_12987.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.205 -, , ASN (),

Reverse DNS

Software

Resource Hash

56cf8b7ec62f6d7b078d4e80f0a05a6735f600da495b1f625d4cc5400ed556c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hd.yalla-shoot.io:2096/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://hd.yalla-shoot.io:2096
Date: Wed, 26 Jan 2022 17:16:21 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 101ms
34ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1149
date: Wed, 26 Jan 2022 17:16:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoot.io/	1970-01-20 17:58:09	Name: _ga Value: GA1.2.1701048479.1643217376
.yalla-shoot.io/	1970-01-20 00:28:23	Name: _gid Value: GA1.2.506265747.1643217376
.yalla-shoot.io/	1970-01-20 00:26:57	Name: _gat_gtag_UA_107335079_1 Value: 1
.doubleclick.net/	1970-01-20 09:48:33	Name: IDE Value: AHWqTUllrL9C7jjtjQo57uyGzPT5HAGEltBR_CfIU3Yl1-1DIbLCs2rqAlsqP4k1yfw
.aplhb.adipolo.com/	1970-01-20 02:40:52	Name: vmuid Value: ebfe1c42e41d31ca
hd.yalla-shoot.io/	1970-01-20 01:10:09	Name: _pbjs_userid_consent_data Value: 3524755945110770
.yalla-shoot.io/	1970-01-20 09:12:33	Name: _pubcid Value: 048ba1a6-72b5-4b81-bde2-011c371d88fb
.lijit.com/	1970-01-20 09:12:33	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 13:46:09	Name: E Value: AMOhts3YnTrN-AYV
.doubleclick.net/	1970-01-20 00:27:00	Name: DSID Value: NO_DATA
.betweendigital.com/	1970-01-20 09:12:33	Name: dc Value: was1
.betweendigital.com/	1970-01-20 09:12:33	Name: tuuid Value: 4461d5b3-a5fa-531a-a6b3-5e3ac742dfdb
.betweendigital.com/	1970-01-20 09:12:33	Name: ut Value: YfGB4QADrWjIFum49Uh3LNti4zxTuYCNlrpn1A==
.betweendigital.com/	1970-01-20 09:12:33	Name: ss Value: 1
.betweendigital.com/	1970-01-20 09:12:33	Name: unm Value: 1
prebid.a-mo.net/	1970-01-20 09:12:33	Name: __amc Value: 1_1643217377_1643217377
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY1JiLvvLISe5vA13I9S/rzOw93ruqYUnHgQcTybLrliOGkHlnC2jLGXSf3RhKbDHmrK16v7gZTuQpFpUgVPvHWUU1KogWo
.rubiconproject.com/	1970-01-20 09:12:33	Name: khaos Value: KYVT773Z-T-DTEX
.rubiconproject.com/	1970-01-20 09:12:33	Name: audit Value: 1\|bkkeSz5hU3zuOML53NOwZVqbBgMWySGKaxJuuRhJfverMP2hbsleC9s0J2jhmu3a13upZ+u6ZY5XM61WmzmBGuBxGCOXoSK1TGQEhYxahVbc6UO785F0Pw==
.yalla-shoot.io/	1970-01-20 09:48:33	Name: __gads Value: ID=78ee1c1dc142518a:T=1643217376:S=ALNI_MZuctCnoy15xwsU_MruNozTCQjq3Q
.adnxs.com/	1970-01-20 02:36:33	Name: uuid2 Value: 9178995699766164627
.casalemedia.com/	1970-01-20 02:36:33	Name: CMPS Value: 235
.adnxs.com/	1970-01-20 02:36:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>vbp=Rn!1yIE`fS1ueD1W-044)d+]Uf+Z]$2`@-py:r/vrHo*7X#r0IYM1Mf?6ACn<]9RFMZ9T5_m!x'w3)Wqdm
.casalemedia.com/	1970-01-20 09:12:33	Name: CMID Value: YfGB4sxzvg-XP9vHV-3T4QAA
.casalemedia.com/	1970-01-20 02:36:33	Name: CMPRO Value: 1836
.quantserve.com/	1970-01-20 02:36:33	Name: d Value: EBgBCQGlJYEA
.quantserve.com/	1970-01-20 09:57:11	Name: mc Value: 61f181e2-f11c2-53275-5d3c9
.simpli.fi/	1970-01-20 09:13:59	Name: suid Value: FEE220B193D044D59E9839ACB9C26CD4
.casalemedia.com/	1970-01-20 09:12:33	Name: CMRUM3 Value: 2d61f181e32760CAESEIzyx3vakSTx_lPudrWXFOo
.casalemedia.com/	1970-01-20 00:28:23	Name: CMST Value: YfGB4mHxgeMA
.yahoo.com/	1970-01-20 09:12:54	Name: A3 Value: d=AQABBOOB8WECECQeoaqI2H-TR1B_EyzAn7cFEgEBAQHT8mH7YQAAAAAA_eMAAA&S=AQAAAuAxq54MIYIb_1yPX19nuOQ
.analytics.yahoo.com/	1970-01-20 09:13:59	Name: IDSYNC Value: 18yx~22vt
.criteo.com/	1970-01-20 09:48:33	Name: uid Value: ddc5d233-a6eb-4907-a81b-677e426cc415
.w55c.net/	1970-01-20 09:57:11	Name: wfivefivec Value: RM5TWZMh1NcLU75
.w55c.net/	1970-01-20 01:10:09	Name: matchgoogle Value: 5
.yalla-shoot.io/	1970-01-20 09:48:33	Name: cto_bundle Value: YKHkL19ERDAlMkJuamU5bmVybUJNcHgwbW9MTmxNdGNIRnYxaiUyRktvQTlTd0lNejZwanlFb1pycmE5Yk1VbEx0JTJCQWlDblR4dlR4a2xIM0VrSEZUWk1UUW5ycU5iMnI0TUslMkJud20wJTJCYXpiMkpzd1YlMkY1cCUyRjl4VVV1VnJneGhsVzBWcUF6ck5rS3glMkJrNjc2eWdvZXhPZjNBSkRwYW5RJTNEJTNE
.yalla-shoot.io/	1970-01-20 09:48:33	Name: cto_bidid Value: wBr0qV9sZlUwc1oxYmJlbEg2S1pScHVFRnR2STlBT20zRW0wOGl6MHNYTlVUdFc2VkVtc3Y1ekYlMkJ0VFlwd2Zrc3VkeGU0NVdSVW1ZWDBjRjFVOGtjdlNXWFhKaTVzJTJGSCUyRjQ3YTNGczE3U2o0ZTFrcnI1NiUyQkZDSWRaeElZTjljNCUyRiUyRlhIZw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hd.yalla-shoot.io:2096/m/(Line 292) Message: <link rel=preload> must have a valid `as` value
other	warning	URL: https://cdn.ampproject.org/rtv/032201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIlpX5916Zfc4gS2WP-zITTDw-VM6Hw13FoLEvUeNEEpRVwgw9Ip1vc2Sl0Eo6uxOaEm_zQCxzzBp63VqPDwW4u5h43jSc Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
adservice.google.com
adservice.google.it
adtelligent-d.openx.net
ap.lijit.com
bidder.criteo.com
c2c67b9dc3a28d2411acfdd77e656bd1.safeframe.googlesyndication.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hd.yalla-shoot.io
ib.adnxs.com
id5-sync.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
player.aplhb.adipolo.com
pm.w55c.net
prebid-eu.creativecdn.com
prebid.a-mo.net
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssc.33across.com
static.criteo.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.90.181.210
142.250.184.226
142.250.185.66
142.250.186.34
147.75.61.140
169.50.137.184
178.250.0.157
178.250.2.131
18.193.4.24
185.184.8.65
185.33.220.145
204.237.133.116
216.52.2.19
2600:9000:219c:4000:1b:5138:8a40:93a1
2602:803:c001::200:194
2606:4700:20::681a:9a9
2606:4700:3032::ac43:c67b
2606:4700:3038::6815:ea8b
2606:4700::6810:135e
2606:4700::6812:272
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400f:802::2001
2a02:2638:1::3
2a02:2638::1c
2a0c:5c81:5142::2
3.126.56.137
34.149.20.76
35.244.159.8
45.133.44.4
46.249.52.248
51.89.7.205
51.89.9.251
52.223.40.198
96.46.186.58
0336209db3d58512c01a8426dbb6970311966fdb25b7d18f0773115cc385b71c
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0464f8fc57e7c59164be773ffae1f0a1f780686cef1859b6d92022b7753e65a4
06238bf4bb8ae46a4ff333b44e6a40d59395ce4d0f898d8829562dc7630d7a55
0a312905827bd9365ea455ffe6a3eb4b3ec02f496c106f350c539850256f4c90
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb0abeb989026d763ba5d4b83848a5ec14f6dc894bb1e25c7104b26d2a2bb4e
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0d68f3a62f5fe7761d01b0a93ddf7fe08cffba689667b4ca717726e458f7f0fe
107353ac106004db1429e727d66516f1d1dbb5dd48593f355d710ac96d7a1d5f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1459b0151945e97e8a163aab8cea597d14f4252d30e184ef6af82cb2ca62ea97
15ea6d29f07fcbf3187bb06097842c86d4a76b9c6266537783f7a5ccb5d1d419
16e75a838eaa0dd5afe697cd7023dcdd2de2b90d04d94290b412c47684e19a84
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
194b01f9ae95deaaae709ec3f378f1788150516c5817d345c40a062f85dbbc6f
1a46c9e032c450ce9f638c704912d3d4c62c808d5ba9e2ea9829e1712369d6d3
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
24c1ce8ed762946df71b690387fa50e61b7a3dca71410cdf12b6f4653ba8215f
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
27b3fa8c42db8c3444b12193a799733ead7c15cc76bc1f10e0c28d1261e6ebdf
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
36860c00071ba3f00a26abf06724779f0a85fba75cf6b113c338092ed4489fbe
3a9e6a619ecdef60103547d9ba3c010c53028bccadd7340be513ce7ad7cb0b45
3d17abe6a44fe8b727a8282982c49a6defe969b90941f868c7191aa9b59f2f81
3e40e7ca1e1a265b84be5a480ea43c64f8d8fc0281eca4c37378a2381587cbbd
45af4150622cbb559079064e1992d7d86edeb03cbecd8ea2b13422d222e6faeb
4673ff49766aff60d73593d134868ea3f839f0627555e5519ce5f34561271191
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0
515f14392d6dcadbdce08291ae0ed2be4d4f8ba752743db26e04d5a2a678dca2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541c9382e82511a802d3cee0a0ce1fdc85435aa5bc06aa6683f133cd870af2ce
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cf8b7ec62f6d7b078d4e80f0a05a6735f600da495b1f625d4cc5400ed556c8
5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d00e7256a2f53ef06f12183cb58bf4d931d24de331ba5b653acba99865bf295
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e6af4b376ce6da5efbadb3c3d36be12e9d83bf6e92bdea4a82c4db206c3cdf9
705a36e7c13020d63dc8bd98b93d4fd8d0ae1a938082162a5611ae40f57b263d
715156e209d470e910aad2b204a907fd9b92dd2e66c53d832d3b83c7f4bf3c40
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
75cd07e4ec769b92c8cc9c7f8d53fdc71e3a4171c8f085bea89151ea74e478fc
7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9
795301e5512f0eecdb5e45becbd86a92f481a3d58c2ae65a5981b190cdb4bacf
7b29ed3a60f22726583c1360897bec4ed42c4fe0e0037d3e8d432fa9eb6d89a7
7c41f8179c722c44061385dd1a7cda93b1ea3fa7f171693ce593116a0cade692
807b6c40007b4052ab69b87b6fc5857941f89ed09ad30771f4226cef3b2c4c6e
80aa650d0d8be62ab6c698dd2fa15f8de784f08600d6422accd2f088c8012330
84f2fe35a016beb75985dd5b72bfc1139f9d827952824fa74f35d246bfafa518
85ac8d794422508d410f4a4b61b3ecdaa9d3fcaaddf6ea364a8afc1656bda3ea
87833af0096d5a6b7a9663c2c73715de7560a96cdc31b69bfefcfe12fabb17f4
8abd586c5fede8aef3de28a00e9883c399937299c29e70118f68e22560b4d60f
8d4ead01adb1066b85bddaaf898d0e055d7e0d8a5f6d5d66f8d2a5140bb248fa
8d592a834521e5c7682460f2d9c0b7cd41cfdb0075c41f0d64f18b2f832a1852
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90555659036430523c6ed0c359d2d148e28842f463faf55b99d26c005d60f7e5
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9833a41bc2778c388d9cf678b416bdd6ac5d1a1414872aeae2b6d061c02540ba
987e3dc27bea6427125ca8314cc4c0ef992dcb78b0c1db60653491b9c89c6570
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c21c1850a71a04c2d7550483d28a6425c31389419d067dec1231857ab1e3bdd
9dbf68dde75062409daaf80bc1f5a18a0bfe82e0f3860fb3c9c1e67dd103c27d
9f9c7203f7f8c93933e7f8259c8c50e99b8f1d0a2d1639569ca4692cbccef936
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f88f95fa1db8839c5e012d0587eb78a481f5a998f15563dc03b28557f4e290
a3a5dcc2dcf4364d3af72694d52da570a64059f757acb3ba9e67e72a0c0e5cbd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54dafe7e76ff4c3c990e3872fef7aaaa521669625faf3fc8573bf34664c7b4e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a7e0a292981433f2859535186d022a43a97e8cdff0b8668762e5f758168039c5
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad487645c0cc22a79609624b1107bc93f15c92ec026705f372ac66e9bb0d1bef
b062a3461b78c5b36d980f616f9445066c05cc0ed109f51ddf7afdc1b33e107d
b0b33c64cf453e0ee61981dae8451ae03812a5500986ffae2a305e58457c22a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ddbc20b9ec532b532ee97db36a911d34c785ec80818c05499bcb0779ea8c70
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
b4b49d4d31bafde40cecd2f1810924311d1c8e3809fbaaddc3a1578c3e18b34e
b535af2067fb4b3fcf9b1586167b9fbea52341373e1605ddbadc5cf40d92beb3
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8f676ce02d3570e309045fcda1e45ed2561911d68bed298639eb84dd32276e
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
bd01cc5aa69bcca76ed1d74ff8716082632a2fbd8506fc0585bdc5945506b79f
bdb50a48f0edff21560acabb2af20527147467c21adbbcfc9296c9ab0bd2c041
bf481e4916b386cebc8e4e61cb7d9354a594404b7274af2c78807aca055b5293
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
cac341ef94496d025fab4b22b4729d14a04d9985045b740c14ba87fc9a89b320
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cceffc5ef7bc6479428d3987aa4f9f091c4fefdf21c6369e8e1bc07dc5510183
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd8a068ab0154eb7d7dd2e2c43f57105d735f378e62f538d98d3718eb0d754a5
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209
dcb6d9a56ed2444951a14d905cbfbab8bc5d1449702fab41d4afd70398dbc91e
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f32d415d66b62c1968f46da380ad465481870224196873df2cfb1b76106503
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e940a28c6321cbb27ba29a64d4aaf8e3f9a24d92741f70b0e045068537361505
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7fbfa9827578aadc731b39197ea9baec700b23ff8b86e342fe6f0a20c631fa
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f2cbe5826edd81dcac7bfb1cb1027304e1211984a5d983526e9666ab686ed676
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa5cdaf41d5ba61f449caf084c5849e905d9658acf4633d4a5f22fcf3e108fff
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

hd.yalla-shoot.io Open in urlscan Pro 2606:4700:3038::6815:ea8b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

93 %HTTPS

53 %IPv6

38 Domains

49 Subdomains

44 IPs

6 Countries

1777 kBTransfer

3997 kBSize

38 Cookies

2 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hd.yalla-shoot.io Open in urlscan Pro
2606:4700:3038::6815:ea8b Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

93 %
HTTPS

53 %
IPv6

38
Domains

49
Subdomains

44
IPs

6
Countries

1777 kB
Transfer

3997 kB
Size

38
Cookies

189 HTTP transactions
10 data transactions