shoot-yalla.to Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://shoot-yalla.to/
Submission: On May 20 via manual (May 20th 2023, 2:39:16 pm UTC) from IN — Scanned from NL

Summary HTTP 262 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 33 domains to perform 262 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is shoot-yalla.to.

This is the only time shoot-yalla.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
11	13.32.99.38 13.32.99.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
46	172.67.141.250 172.67.141.250	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	185.239.173.66 185.239.173.66	55081 (24SHELLS) (24SHELLS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
9	143.204.68.51 143.204.68.51	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	2600:9000:224... 2600:9000:2240:400:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:fd0c:1957:83f2:b026	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	3.124.43.147 3.124.43.147	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
262	44

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

shoot-yalla.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

shoot-yalla.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.32.99.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-38.fra60.r.cloudfront.net

mediation.magnetssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 172.67.141.250 (United States)

ASN13335 (CLOUDFLARENET, US)

web-api.scorarab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.239.173.66 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.68.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-68-51.lhr61.r.cloudfront.net

www.boomplaygames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:fd0c:1957:83f2:b026 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.43.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-43-147.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	616 KB
46	scorarab.com web-api.scorarab.com — Cisco Umbrella Rank: 313034	345 KB
35	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	320 KB
18	gstatic.com www.gstatic.com fonts.gstatic.com	171 KB
13	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	magnetssp.com mediation.magnetssp.com — Cisco Umbrella Rank: 197073	18 KB
9	boomplaygames.com www.boomplaygames.com — Cisco Umbrella Rank: 274485	467 KB
9	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 129387 adipolo.com — Cisco Umbrella Rank: 114963 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 148819	152 KB
8	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 723 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9810 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16347 dis.criteo.com — Cisco Umbrella Rank: 575 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837	9 KB
7	google.nl adservice.google.nl — Cisco Umbrella Rank: 15742	1 KB
7	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 181	290 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	5 KB
4	criteo.net imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070 static.criteo.net — Cisco Umbrella Rank: 639	127 KB
4	shoot-yalla.to shoot-yalla.to	187 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 682	2 KB
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 729	793 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 126189	18 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	2 KB
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6525	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	529 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 812 r.turn.com — Cisco Umbrella Rank: 3335	869 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1351	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	125 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	582 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1546	297 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 722	760 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 597	399 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	2 KB
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 26743	3 KB
1	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 583	652 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	608 B
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6866	5 KB
262	33

	Domain	Requested by
46	web-api.scorarab.com	shoot-yalla.to
39	pagead2.googlesyndication.com	mediation.magnetssp.com pagead2.googlesyndication.com www.boomplaygames.com shoot-yalla.to googleads.g.doubleclick.net www.gstatic.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
14	www.gstatic.com	googleads.g.doubleclick.net 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	1 redirects shoot-yalla.to www.googletagservices.com securepubads.g.doubleclick.net 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
11	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net www.boomplaygames.com
11	mediation.magnetssp.com	shoot-yalla.to mediation.magnetssp.com
9	www.boomplaygames.com	mediation.magnetssp.com www.boomplaygames.com
7	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	adservice.google.nl	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	www.googletagservices.com	1 redirects shoot-yalla.to securepubads.g.doubleclick.net googleads.g.doubleclick.net 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
6	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.googleapis.com	googleads.g.doubleclick.net 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
4	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
4	shoot-yalla.to	shoot-yalla.to
3	image6.pubmatic.com	3 redirects
3	onetag-sys.com	1 redirects acdn.adnxs.com
3	jscdn.greeter.me	shoot-yalla.to
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	acdn.adnxs.com static.criteo.net
2	pm.w55c.net	2 redirects
2	ius.ctnsnet.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	imageproxy.eu.criteo.net	03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
2	script.4dex.io	acdn.adnxs.com script.4dex.io
2	03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	shoot-yalla.to www.googletagmanager.com
1	mug.criteo.com
1	sync-tm.everesttech.net	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	r.turn.com	www.boomplaygames.com
1	ad.turn.com	1 redirects
1	rtb.fr3.eu.criteo.com	03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
1	cat.fr3.eu.criteo.com	03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
1	ap.lijit.com	acdn.adnxs.com
1	bidder.criteo.com	acdn.adnxs.com
1	cdn.jsdelivr.net	acdn.adnxs.com
1	wrappers.geoedge.be	acdn.adnxs.com
1	acdn.adnxs.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	player.adtelligent.com	player.aplhb.adipolo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adipolo.com	shoot-yalla.to
262	49

This site contains links to these domains. Also see Links.

Domain
signup.adipolo.com
lives.shoot-yalla.tv
yacine-tv.live
hesgoal-tv.io
live-kora.tv
yalla-shoots.to

Subject Issuer	Validity	Valid
*.shoot-yalla.to R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
greeter.me E1	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.magnetssp.com Amazon RSA 2048 M02	`2022-11-18` - `2023-12-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.scorarab.com GTS CA 1P5	`2023-03-30` - `2023-06-28`	3 months	crt.sh
adipolo.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2023-04-06` - `2023-07-05`	3 months	crt.sh
*.boomplaygames.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-06`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
player.adtelligent.com R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh

This page contains 25 frames:

Primary Page: http://shoot-yalla.to/
Frame ID: 53705400171D28F6A58D77D26E7D1FC9
Requests: 103 HTTP requests in this frame

Frame: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
Frame ID: 5D776D6416AD29CF9205484440D47E0B
Requests: 8 HTTP requests in this frame

Frame: https://www.boomplaygames.com/afgegg?at=1
Frame ID: F82FAB69CB823D4D75A3A242644B6D9E
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: 5F42DCBD5805A4BF8D83798D57159163
Requests: 1 HTTP requests in this frame

Frame: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 197C7BEC757B5189BBC8AE53821F98AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=1573534164&lmt=1684593497&plat=1%3A16777280%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684593549449&bpp=5&bdt=439&idt=277&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8628245862036&frm=20&pv=2&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C44788441%2C44789923&oid=2&pvsid=1589405507026396&tmod=2064045372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: 2DDF1C07A970F38DDF4F72C876B5B417
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684593497&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684593549454&bpp=3&bdt=444&idt=297&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8628245862036&frm=20&pv=1&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C44788441%2C44789923&oid=2&pvsid=1589405507026396&tmod=2064045372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=I1zik5NdOm&p=http%3A//shoot-yalla.to&dtd=302
Frame ID: 6BFA30501C6922B4426B5481E2E50D9C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755396&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684593549643&bpp=3&bdt=110&idt=278&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=6212190396527&frm=24&ife=1&pv=2&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.lsj24sx7pm1p&fsb=1&dtd=294
Frame ID: 9E777605294635CBF90EFBB80CE6EC50
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBpy-3es_O6xvJHSEHW32WDYHda0eUuKmHpE90j00Ki137hnvnkhvQDg8Nz_78FuJ1ZJazGbBhGqoSqZBLqJrhLjqdmpyCL0dT58x4n2AYv_lVGk99XzvhYrrjpgYv_BwwPUDBIcurhXRhjFN-j1kx_ZqN6sFN6XW4PY5nXeaDJnM5l_d_xbPoi1guV8OYoYgUAWVAT5xitO-POyQW7UioazQKJ-TsqeG664nuAoXJqQTjGs-20g6dLc-ZvW4RaVH4j8jOF01GFp0MliDlo8VBceeXzpnPPl9O74VZM8pln3NtDQZl-DcEEO6lFuCT5EsQvyNLzX9V&sai=AMfl-YRXodB87rBB-m3woEuWTqMFK5zIpufiQbAvQ0UKvungd7TAjxtoxLZ66eBGheabz1ilj3hQzwNoNl1-BT8T7qJFti9BPojmAa6ROMxVhSuIqzxf2rqb8_vl97CKcaX0lFnXEgST03TNclvJngc&sig=Cg0ArKJSzEn3LcphHXY0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 49E608EBCA0062D8F0D5F5082117E274
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4
Frame ID: BB0C9EB361711D2738279A374A5F4474
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3
Frame ID: 63878A71614C35CECB93ED63A233ED80
Requests: 5 HTTP requests in this frame

Frame: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83A9C2472EC2513680090FEB09511610
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: AA5060A893690CF4034F47F0227E67F6
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019
Frame ID: BCC7945C90FACDC5116A56D83A9F3A4D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E456EC01AE2F83D881A38E70023FF31D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6076A5BA743955419FBA91D51F993A8B
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019
Frame ID: FC1D404054943C038DBED8230E2671C4
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F2CBE0A872AE25F92C3B1C9D9B201702
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F718C3A65BA3D2C4706C451CEFE6F6E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: 99D91E28B8ECB6CA84CF7808FBFEC479
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FEA4190E2D6BF7A5CF2C3C94DEE54370
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6552E16B41433E5FA921F7717DFAEAA9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6508FFDECF8C9B57D177C61C4E38EFB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EC01F64FB76B93646C911811C8392EC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shoot-yalla.to
Frame ID: 8D008333FC67A63161E0D5BF5D178E7D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yalla Shoot LIVE - English

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

262
Requests

93 %
HTTPS

56 %
IPv6

33
Domains

49
Subdomains

44
IPs

5
Countries

3559 kB
Transfer

8574 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.adipolo.com/

Search URL Search Domain Scan URL

URL: https://lives.shoot-yalla.tv/%3E%20%20%20Yalla%20Shoot%3C/a%3E%3C/li%3E%20%3Cli%20%20class=

Search URL Search Domain Scan URL

URL: https://yacine-tv.live/
Title: ياسين تيفي Yacine TV

Search URL Search Domain Scan URL

URL: https://hesgoal-tv.io/
Title: Hesgoal

Search URL Search Domain Scan URL

URL: https://live-kora.tv/
Title: kora live - كورة لايف

Search URL Search Domain Scan URL

URL: https://yalla-shoots.to/
Title: Yalla Shoot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 63

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 188

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEd6IBxvnk1FCswCpKV42Ys&google_cver=1&google_push=ATf1kGNRehcPXAgOFHPPABPw8tvS9sDFFo9oq3x4C-da_KPkcMlYI2-ftG9MkGWHAjdzFV6GfZTGPSjoXdEjgbnBEfda7u1uAFnrm4wj78VUgZoahNjAJiM1GU71BpKC99azPnVj090eLD-6ioNxjvBmps3dX9U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA5NzIyNjY3MDQxMjg5OTQ2OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJkjEF299CYf1YqxdVuTFZQ&google_cver=1

Request Chain 189

https://um.simpli.fi/gp_match?google_gid=CAESEPElVLoXlzC1dz0JPpnwjso&google_cver=1&google_push=ATf1kGOVulil3zcaNHlYm6IohuExSkt-vtCnvfIfzxJ_1E3ofybbCjdAhGvsiEzGpZIb-wAlzP48jyLtGm_S6ObWkelRtyMycAJbUGZHfJeK7gfsB_KKrbMi8GejG_9fcGEIrHTrtgv2UA-OOPQcQMRWCf3aow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3109CBDCACBF458E8513B03F59F2ECE5&google_push=ATf1kGOVulil3zcaNHlYm6IohuExSkt-vtCnvfIfzxJ_1E3ofybbCjdAhGvsiEzGpZIb-wAlzP48jyLtGm_S6ObWkelRtyMycAJbUGZHfJeK7gfsB_KKrbMi8GejG_9fcGEIrHTrtgv2UA-OOPQcQMRWCf3aow

Request Chain 192

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKza_CkGjmcfDlsR_pJjBks&google_cver=1&google_push=ATf1kGNQatMgZLT5WMeKD2AP_k8FBEacj3_xztnVjr6JV5ukGyZeKbtgLRyMH1AdReq2LWLrVvS_eYVkymacnYxyAPpUXKJA2wj-hm5fkfTwkqu3bjKDqfkd3pnywFpl_iXOj6nL7yCNLN2iNo97jJ-9H_mi1-I HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKza_CkGjmcfDlsR_pJjBks&google_cver=1&google_push=ATf1kGNQatMgZLT5WMeKD2AP_k8FBEacj3_xztnVjr6JV5ukGyZeKbtgLRyMH1AdReq2LWLrVvS_eYVkymacnYxyAPpUXKJA2wj-hm5fkfTwkqu3bjKDqfkd3pnywFpl_iXOj6nL7yCNLN2iNo97jJ-9H_mi1-I&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNQatMgZLT5WMeKD2AP_k8FBEacj3_xztnVjr6JV5ukGyZeKbtgLRyMH1AdReq2LWLrVvS_eYVkymacnYxyAPpUXKJA2wj-hm5fkfTwkqu3bjKDqfkd3pnywFpl_iXOj6nL7yCNLN2iNo97jJ-9H_mi1-I

Request Chain 194

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBiBcYsJQ0u0zLhceTK-piI&google_cver=1&google_push=ATf1kGPfARFtVTqmU-_Kdht8uefAcvDub95QXwdyDTICRh4hsdlNnI-wBsqGX8V6pk5oRoF3f-wiw1sMTfsj7FzN_YIm0USS8IivJ_NWSOsEnMkJE1Uxz-K3k1hMrzEXszkDu9HmbExIvoZxFDG6JnilP2bXAdTE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPfARFtVTqmU-_Kdht8uefAcvDub95QXwdyDTICRh4hsdlNnI-wBsqGX8V6pk5oRoF3f-wiw1sMTfsj7FzN_YIm0USS8IivJ_NWSOsEnMkJE1Uxz-K3k1hMrzEXszkDu9HmbExIvoZxFDG6JnilP2bXAdTE&google_hm=LXhQ44W-Qm2zejtxO_vdxxM

Request Chain 196

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 223

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cver=1&google_push=ATf1kGM0kG9CrAJ6T7lsQhWNV6HDnQ5TAQE0yw6n2XKcuIxNvx3WFs578FZK6NuEcbZ-qXaZesiiofHCqaCj1BX_uPQYpVNx0WInSd3SLwbEJZXdwkiDy_euZUyx2bTlQNN_n3BqLtd8I7jigMUwXossM9BwF6Q HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cver=1&google_push=ATf1kGM0kG9CrAJ6T7lsQhWNV6HDnQ5TAQE0yw6n2XKcuIxNvx3WFs578FZK6NuEcbZ-qXaZesiiofHCqaCj1BX_uPQYpVNx0WInSd3SLwbEJZXdwkiDy_euZUyx2bTlQNN_n3BqLtd8I7jigMUwXossM9BwF6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFVyOVlObk8xUTBuSko1&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cver=1&google_push=ATf1kGM0kG9CrAJ6T7lsQhWNV6HDnQ5TAQE0yw6n2XKcuIxNvx3WFs578FZK6NuEcbZ-qXaZesiiofHCqaCj1BX_uPQYpVNx0WInSd3SLwbEJZXdwkiDy_euZUyx2bTlQNN_n3BqLtd8I7jigMUwXossM9BwF6Q

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOrfY6gNLz_oxG43A2j4glo&google_cver=1&google_push=ATf1kGOYlodvINBDm_IlTPbieNhx_N1v-fp_bHWuswF9OLcMuhroouIUn1cuTTG0YUrW-xQW4SXLM0MQrnk09VcS8oaL1pzFU_izZTcCiInxeIaSAAOTdSCgPnUBiAKInt817VWXwvOl0Jh-zU9hfuwEV4Td9-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOrfY6gNLz_oxG43A2j4glo&google_push=ATf1kGOYlodvINBDm_IlTPbieNhx_N1v-fp_bHWuswF9OLcMuhroouIUn1cuTTG0YUrW-xQW4SXLM0MQrnk09VcS8oaL1pzFU_izZTcCiInxeIaSAAOTdSCgPnUBiAKInt817VWXwvOl0Jh-zU9hfuwEV4Td9-k

Request Chain 227

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAgpmVpDCpSA57XJ6-cyPuU&google_cver=1&google_push=ATf1kGMGIG49i4J2Rgd_cQF-Z9bAIgVTr96KuA3nPvarf2VaafGJMKnSAjjT5iA-fuOaDVk7P1kTQJDCw0u5mfGDAR4HSnWYlPVsuoO7qgGazsEAgsfSnczlIeqlApA-cbItsUxbBGe_kT_qwW9vu6IGO8J2gQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMGIG49i4J2Rgd_cQF-Z9bAIgVTr96KuA3nPvarf2VaafGJMKnSAjjT5iA-fuOaDVk7P1kTQJDCw0u5mfGDAR4HSnWYlPVsuoO7qgGazsEAgsfSnczlIeqlApA-cbItsUxbBGe_kT_qwW9vu6IGO8J2gQ

Request Chain 228

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN7qX3e3ygjf8J4taDIPS8Q&google_cver=1&google_push=ATf1kGN-txUQNRkt6tmotdBFRKOp0lMHxwGY1RllXtIIyOmySe9djJDqDeZ3xbDYTFoKcYTlElAPPnw9TUCTEYK6IJuX-tiUxJUKEFgXFEVkyE9ZFha8p-H4E6SncxJGa-jEuREUlBopyqD7qII0QeOa6RE5o8I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN-txUQNRkt6tmotdBFRKOp0lMHxwGY1RllXtIIyOmySe9djJDqDeZ3xbDYTFoKcYTlElAPPnw9TUCTEYK6IJuX-tiUxJUKEFgXFEVkyE9ZFha8p-H4E6SncxJGa-jEuREUlBopyqD7qII0QeOa6RE5o8I

Request Chain 229

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECasFGM9_irasGTQGkMJVT8&google_cver=1&google_push=ATf1kGNuYF5J1tQZkmQdsvAZt-WJFblrRc0E6OXatXzkGnizQKmbGVU3lhZdbWaiJUFHV00rGtqAg7LoMq1dfci6f7aF9xtGI9-TLDvBoNnrXLvAgGXMLB2NfAuGZw0ls7roNyOJAZOu3XxGLDMGJ6ZGWNe8P7a- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNuYF5J1tQZkmQdsvAZt-WJFblrRc0E6OXatXzkGnizQKmbGVU3lhZdbWaiJUFHV00rGtqAg7LoMq1dfci6f7aF9xtGI9-TLDvBoNnrXLvAgGXMLB2NfAuGZw0ls7roNyOJAZOu3XxGLDMGJ6ZGWNe8P7a-&google_hm=LXhQ44W-Qm2zejtxO_vdxxM

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 257

https://gum.criteo.com/sid/json?origin=publishertag&domain=shoot-yalla.to&sn=ChromeSyncframe&so=0&topUrl=shoot-yalla.to&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Zcl463xPRERyVkc5Z1huR0Z2OGkvU1drS0QrRmVoRW02R1BDbWhpZ2FoQ3R5d3NtYTZ5N3M4ZWxFU3Nrem1KcGw5THZJOWhWL044cTdVUW45emFvQXpIUWZDdFZla0xSeW93UTlLK1lLK2c5dm5oRUpKcVppK1lrR1Z3VDd3VGsxaWp4YU5zWFhOQWNlMjNXRE1ZeklkS0swMUtZRUZJTXoveVZ6TmlXU0RkZjRsdDkvTlVzcmttMVowcTFST3RDeXJ0Q1RvMENzOWFxQm4vdm9WQVhWRlVEVi8xb3IvZ0U5aGV0ZDhwWGRFQVBXb2VVT0xsZVBaRGtlY3Y0cFQzMEd1Q015cjRXTStjei9tTEtJeW5BQlVyd3oxd2F2S3VSOE85cVZuZHVtVkkybmw4az18&cppv=2

262 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
shoot-yalla.to/ 138 KB
20 KB 197ms
70ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://shoot-yalla.to/

Protocol

HTTP/1.1

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e86d606bad0030278799ccaaffbb18fc288fc473369c9a32667ec151f3d4706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7ca553d0ece09b67-FRA
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 May 2023 14:39:08 GMT
Expires: Sat, 20 May 2023 14:40:08 GMT
Last-modified: Sat, 20 May 2023 14:38:17 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: public
Referrer-Policy: strict-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyFyevlPPH%2BdnvXGKJ%2BWj7CahGX4ZNjGUz%2BbkylLLRJCMSJuIhv9X714iT%2FYQ4d9EGKPt7qrz6sv9paZ7kZk6kYwT7EOsuUs1RN6N77BjdTVYMbmiL5j8Vl%2BGb7yxTtT%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 standing.css
shoot-yalla.to/assets/css/ 8 KB
2 KB 82ms
28ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/css/standing.css?t=1684593497

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ad92bb2e47d63ce3250b038f2c017eacfb824a3dd8def98d2c4df41bdfa82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 25 Sep 2022 18:04:40 GMT
server: cloudflare
etag: W/"63309838-1f55"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIvEhJTiwwhYKrlXA2TuPDvieS022nE%2BygdpDR6JY1KRgnX3oBubaknnr1ufwfFvlNei6HTeYRl988y%2BD5p42xsmdsj062wgi364TFenogKWc%2BArgvZYFrMhR5AYFevxXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7ca553d1ba713633-FRA
expires: Mon, 19 Jun 2023 14:38:46 GMT

GET
H2 200 shoot-yalla.tohead.js Show response
jscdn.greeter.me/ 8 KB
8 KB 93ms
18ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/shoot-yalla.tohead.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

714e12f6093f5ffbf0c50cfb2051c9c85b86e0bde08696b8d7763881da70dd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Apr 2023 10:33:58 GMT
x-amz-request-id: tx00000000000008b91beae-006468d717-9620c93c-fra1b
etag: "3263dc2933663b7a5fb0b0bf8d4b9327"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684593549.dop004.am5.t,1684593549.cds312.am5.hn,1684593549.cds219.am5.c
content-type: text/javascript
cache-control: max-age=2458
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8286

GET
H2 200 shoot-yalla.todynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 20ms
19ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/shoot-yalla.todynamic.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Apr 2023 10:33:57 GMT
x-amz-request-id: tx00000000000008b91beaf-006468d717-9620c93c-fra1b
etag: "c0b8448b11470e49820a20a657851cc2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684593549.dop004.am5.t,1684593549.cds312.am5.hn,1684593549.cds323.am5.c
content-type: text/javascript
cache-control: max-age=2458
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7961

GET
H2 200 A-letterbigger_Savir.png
jscdn.greeter.me/ 945 B
1 KB 22ms
22ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jscdn.greeter.me/A-letterbigger_Savir.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id: tx000000000000088cf8c28-006468d4cd-9767395a-fra1b
etag: "f07519ec5fbc46385f386b577e6e2a1d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684593549.dop004.am5.t,1684593549.cds312.am5.hn,1684593549.cds320.am5.c
content-type: image/png
cache-control: max-age=1872
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 945

GET
H2 200 logo.png
shoot-yalla.to/assets/images/ 161 KB
162 KB 29ms
28ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shoot-yalla.to/assets/images/logo.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817504c104c8071a04f168dcc245705cb9641f44d97b2692ae5abe5e011c02e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2102417
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 165227
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 25 Sep 2022 11:00:01 GMT
server: cloudflare
etag: "633034b1-2856b"
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svHu8pdn6scbMErDYUIz5zlo1YmNZpusiJuB3CYgCdcPALycFw5PCMkIHI6TysJOSYc853WjT4DX2G79LUHyWBleYXiHRmbcrsl%2Badq1ybaR09FPYh%2FBK2%2F0PPSH4Djzaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d20acc3633-FRA
expires: Fri, 26 May 2023 06:38:52 GMT

GET
H2 200 magnetsspads.min.js Show response
mediation.magnetssp.com/bpads/js/ 11 KB
4 KB 110ms
47ms Script
application/javascript 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad

Request headers

Referer: http://shoot-yalla.to/
Origin: http://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: http://shoot-yalla.to
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: GdJQxxRuYjJrg-LtgAZ8fyoddpA3a85dIDs4PoKhoccY8pDJZGOorQ==

GET
H2 200 lazyload.js Show response
shoot-yalla.to/assets/themes/yalla-shoot/js/ 7 KB
3 KB 28ms
27ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/themes/yalla-shoot/js/lazyload.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1396177
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 23 Jul 2022 01:24:16 GMT
server: cloudflare
etag: W/"62db4dc0-1c51"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDr7t4T9PthAbnF1ZS%2F9Q6%2BIZo9mHAEWgF6sdaayN%2BdPBK4ejRnmMfZhURsq1PlNr8MG%2BsdxduQbEi17jzmnm%2B%2BYqTRL36CwZxA%2FaXT0W%2F7eyyPbp8Z0J2MQBXjg4pXRsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7ca553d1eaa93633-FRA
expires: Sat, 03 Jun 2023 10:49:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 81ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd6b6ff35ef1765774888b1d61aab8bdcde0ea8519e17eb76f214414b7f76262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 May 2023 14:39:09 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET Montserrat-SemiBold.ttf
shoot-yalla.to/assets/fonts/ 0
0

GET
H2 200 1556300891.png
web-api.scorarab.com/uploads/team/ 10 KB
10 KB 110ms
50ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556300891.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3011a7d71e7124007ebb0d7bb4918b3da48d2d0e2a09f4a4ba53c5fc561b3fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10273
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-2821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMD8Y937X1OPvw7I8%2F%2FRIHWLuQN8P6pk2I%2FvmDpfAH4mLKsM3Y%2BYhaxRG41Bbk6s1xhDXcEDZgK%2BXlPc%2Bml%2FtwaNVN8setUacT5fH3tOUIsGpetB1GL4HlSVa4KbohUUDl86oMynyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe19b22-FRA
expires: Sun, 18 Jun 2023 19:00:39 GMT

GET
H2 200 1566428704.png
web-api.scorarab.com/uploads/team/ 7 KB
7 KB 85ms
27ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1566428704.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff10903116ccbaa3eb3c2111170db8a657c17fe0f2ae753532f04c417ea7959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65255
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6699
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-1a2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSQygncWGAv7qU5cjvwjy4q4xTrJhFrIl0isosLkIS60pXzaa3tmpoxX7NEWbW2WZlblWM0trv1qOteiTM6Vce%2FWi9iK%2BhxTJ%2FhfMVoDIMYsg6KhfJlOdjCmYr3ZY29b7a3WELcycg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb79b22-FRA
expires: Sun, 18 Jun 2023 20:31:34 GMT

GET
H2 200 1565365687.png
web-api.scorarab.com/uploads/team/ 6 KB
7 KB 114ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1565365687.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8f874c068827b539177d9175c1d6fa6ddb288557fff3f7f6d6b9a7149b8942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 673316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6149
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1805"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Bi5LShNozPsUPCNcdflIQ05Q%2F9F3Lj1BIvhOfJkug9x8R4cNuWLp3m6VlfsRh4ChezyS%2FAuo1icvfiCfWLBSKgtCeXpDzuOtZaLJsaMhAdmkz4rjvEH913fuVqQ7DUi6UYjoZsJaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe39b22-FRA
expires: Sun, 11 Jun 2023 19:37:13 GMT

GET
H2 200 1670707314.png
web-api.scorarab.com/uploads/team/ 6 KB
6 KB 127ms
68ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1670707314.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa19965303ac1c9e92c72842cf74e59d5d0a6096997e309de5c31a8f9d5f906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 739751
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5737
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 21:21:54 GMT
server: cloudflare
etag: "6394f872-1669"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BbtGmjp3tZb1sbp3FsRm9UwpX0rYJuKmXzIa4erkMPRE4SUZZu1ukgLZg%2BVYBM3KR8lCCY3uidZSo04djksewFmEyZqGg%2B2TashkxUYR6mN8hGHV27LnhwSqQjqAfc1PSmp8Has%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbda9b22-FRA
expires: Sun, 11 Jun 2023 01:09:58 GMT

GET
H2 200 1565444838.png
web-api.scorarab.com/uploads/team/ 9 KB
9 KB 109ms
51ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1565444838.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb5de2d9da94a7ae9e21db3f68810c77fa2308dbb8c5c737d8407bb88dbf73dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252512
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8870
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-22a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wetGIxIf3rJF4H7mjtObPbX%2FV%2BJw6BcawB6738hd2GxEiJ7x%2BaBAP0RsB3%2BSa2f%2BRS7SPuwE1A5yOO7NYb2JzehKKGNwCa6u1NBJ1y%2B4%2BWI0oV3eIp8vnMUmiiVqTgyXfZJOP7wqlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe09b22-FRA
expires: Fri, 16 Jun 2023 16:30:37 GMT

GET
H2 200 1557629426.png
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 114ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557629426.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160b1af6e3329dbe33f5935f028ae382840fe4dee29c016a6b6f47f0b22ff41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294401
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3800
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-ed8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kihVyT0GgbZdFIGmyJ1s%2FiLG%2FCXqHuzJa%2Bz8EOP0LoprU4k2b4CxHyINH8vUQmxkNlt8n4v8Fua5YG7kjn%2Badze76Qy2fVDV7zyCGm8t2B4UvuaMY3WnG0saK6cDcBzeDdSAeF4h9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbde9b22-FRA
expires: Fri, 16 Jun 2023 04:52:28 GMT

GET
H2 200 1565444750.png
web-api.scorarab.com/uploads/team/ 9 KB
9 KB 102ms
50ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1565444750.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

314ab273b05c7814cdef93126a2e497d0a0acc31d74cbcf426f50274a25cb0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8813
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-226d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoQHt5w86j%2Fy4XDmjVpDNdu3rwpwsqJJiriG5YAWL96XMiZ8eWNAV0z%2FB%2Bh4E7KOjwDYtaHrpOwXyNE%2FAbjzIhmJmuD2a98GXWfKg4HYMWRDp%2BxFjV4oJgf2bboGtK7kIDk5vbUssQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb39b22-FRA
expires: Fri, 16 Jun 2023 14:07:02 GMT

GET
H2 200 1595803736.png
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 103ms
50ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1595803736.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1655638a65cd1e95ec146443ddc503e00352f0e6c7d8b04399920a916ccff0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1498878
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3650
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-e42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcW0XRb2mCJJo9ebDde7NAVOQ4nGSlrRiy1t%2BV7sOs7NVtfKXr%2FIWztiW0xLCC7LX%2BwPSTIlHVnKPWKtZvg4tj96DAxY4CF1zIcILTQvtsNhZnyLiDqtZ1EE6TSd6GhbxgelyhBVQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abaf9b22-FRA
expires: Fri, 02 Jun 2023 06:17:51 GMT

GET
H2 200 1677977219.png
web-api.scorarab.com/uploads/team/ 10 KB
10 KB 99ms
46ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1677977219.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8496f53bbbeafebdcdb4b739c214ff0d9e03af1ba343aa5b0fca4f0d92286ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10221
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Mar 2023 00:46:59 GMT
server: cloudflare
etag: "6403e683-27ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0L7QBVyTupVmZIBR%2FmQEpZBQgxGaboz0U4a7SmWRDyfiiExWy1TEmGCiOKpiGahJwnPqSAwWcXxKFOfOit5bsJHHXGPjdvaigL%2BZX6TzRMJawN6xo%2F6Fg1XGxJ9SSfnNPkwY%2BnFqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb09b22-FRA
expires: Mon, 19 Jun 2023 07:05:06 GMT

GET
H2 200 1567290671.png
web-api.scorarab.com/uploads/team/ 13 KB
14 KB 84ms
31ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1567290671.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

820c054ed0b919e5cd721ba3936a3346b267fd390dc2721836ea11b8692f76af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 672778
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13694
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-357e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agnKxj915pcRbKCBwnkc5DRpeM2MaaaPq9CGBlO%2BwZDFSRZyAtt078LoGc2tSMXfsZBnZvws8DqleN4KQp%2B%2F0cGHsPXBJBG8A4JMrMQ0dT7%2FQK%2FI4TU6mjtZgjAfOFzF%2BBxpvEAU0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb89b22-FRA
expires: Sun, 11 Jun 2023 19:46:11 GMT

GET
H2 200 1582847585.png
web-api.scorarab.com/uploads/team/ 12 KB
13 KB 100ms
47ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1582847585.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87b79377d8131052c123fa943bb3322a8bdfeb5a25badd0614c6e289f865c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12788
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-31f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImCN%2BzxVPgULWUTz%2FxA0wDqyb84KfL9e8hTWH4Y2Wclz9%2FPH6U32JmP7f16BeyTAH9szy5Gxwwwpgn8ubTBbNpDlA2453nfgmlqwr2Odju7im1lDM02W79StYeLBkeZkk0bnbMkR9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb59b22-FRA
expires: Mon, 19 Jun 2023 07:31:38 GMT

GET
H2 200 1604831359.png
web-api.scorarab.com/uploads/team/ 11 KB
11 KB 107ms
54ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1604831359.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de120dcc4865233ee40c06dcaa8074d43f63ac77dcb9c8d66aeb30bf0d49f340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10868
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-2a74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvOymi4uElBY%2FtwyBDGgSvOvu70CcxeW482pXjgw5H0qq4xu5s03pYxLK%2B3jM6iFXwsmDchAet%2F54v2tlX%2Bnvq51XoheDaFycHiHyNiE8%2FfQe0X%2F6qODpkcF3OiHkCiEnEL4VgvIug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe29b22-FRA
expires: Mon, 19 Jun 2023 07:31:38 GMT

GET
H2 200 1556302755.png
web-api.scorarab.com/uploads/team/ 7 KB
7 KB 102ms
49ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556302755.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5994c55207d005fd83ddefe1120d13e65bc58cd54cdb13ebe55508b299b23bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 671268
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6732
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1a4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b0jT2NLuKedezpf%2Bo22Y%2Fq3i2ZnMudBXlyEdWw553Xft%2FAvrMAGG5ioXjAu8OLBAuQIoIQkcXUhxa0a%2FJdfPX8F99lASBXmwgiFMt73rNG4Y32uF0UnrZ40sFVb91Zo9tl%2FigED6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb69b22-FRA
expires: Sun, 11 Jun 2023 20:11:21 GMT

GET
H2 200 1556302828.png
web-api.scorarab.com/uploads/team/ 5 KB
5 KB 107ms
54ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556302828.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e06c7d4cdd3fd5561271eb899062a7f4e2f590ec769512d57981ca3afbdcd4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 671268
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4690
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1252"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr3TjpqG%2F2kiEj%2B%2Fk%2FHvW8bWr%2BrJonkSIP6Q%2Fu77sn3iw7sFoZHJofGh2B5xi6z7MLkaiaN8FPRBiPUSBtrjVzpeRXSm0yGRS5vzq%2FWtP7D8J88nU6ZgyWP75T5nzAJlRFWUMOzNaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbdd9b22-FRA
expires: Sun, 11 Jun 2023 20:11:21 GMT

GET
H2 200 1557008660.png
web-api.scorarab.com/uploads/team/ 16 KB
17 KB 81ms
28ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557008660.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f981cd0c42bb4a1b60734d0d38d3e0cbbc63252b92a7b93427c85d9fbbbfb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63693
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16823
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-41b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf84abZDaiz%2Bq4jVpy9UYuG1lCRB6NkM9uQyNi2r%2FYtfZD4CymgwRhQksEqNewBtGEgJ214s7ypNg4b0p%2B2%2Fl44oWfHkNnhasePVz4fb%2Fy4TxyClJryLmCumhTqLCU01mcsUT8d9oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2abb29b22-FRA
expires: Sun, 18 Jun 2023 20:57:36 GMT

GET
H2 200 1636020667.jpg
web-api.scorarab.com/uploads/team/ 5 KB
5 KB 103ms
50ms Image
image/jpeg 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1636020667.jpg

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfeee43dd59cd2b8551540d10d93d443a6def52cec6cce73892b90a7aea207b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5142
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1416"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkHD5j354JhyOmejkBF3IVcCz1SDC4%2BGQ7GSzM6WcgBZKcdnjS0klDjM%2B4uYFJRedN%2FKF%2B0aFzwwG9KVpIW%2BVbeTwXeWk9tQnIxckzRA%2FP%2FFRtrqUZJi7x2WSx4tBo4F%2FMwT4jFJng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbdb9b22-FRA
expires: Mon, 19 Jun 2023 07:05:06 GMT

GET
H2 200 1566501335.png
web-api.scorarab.com/uploads/team/ 7 KB
8 KB 54ms
51ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1566501335.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd368903b585b77c5adcb3141a978bc46a80078149b0f4697b11bfbb1710987a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28229
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7472
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1d30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dkqhtj%2BVIJBF6fddUNKHaj%2BCSsSu6MZ1%2BZ0LuiWFl37Hu4bCfy6hYi5uZ42WLEhV0YfdbOZW3HLMHPQd21xVauEwDpIy5ITMaB4KXcJfXXdXhFxvTA6J3MjZPOoX%2FcEEXE100QuGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe59b22-FRA
expires: Mon, 19 Jun 2023 06:48:40 GMT

GET
H2 200 1557009898.png
web-api.scorarab.com/uploads/team/ 6 KB
6 KB 41ms
37ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557009898.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fde244679bd9a24777dc6fce8ea8b32b86b15521ff1c3d170ebeb999fb099b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65255
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5720
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-1658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49%2BW6ew30uCxqCVmoEodEtV4Ztlg7tvpKNXZ9oRGb3YIRI9eRB595twThDU10V1x3PJgBzxArbQnX5E34LJV0fkwxqf8Re3Beuxsr8dBuAOc37I5PMWeo2z0ik0JUtLxL9%2FeJDWUAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe69b22-FRA
expires: Sun, 18 Jun 2023 20:31:34 GMT

GET
H2 200 1665053415.png
web-api.scorarab.com/uploads/team/ 5 KB
6 KB 60ms
56ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1665053415.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8cf399463d383295b06f1e067b78a179cf882f1b8345a7757187c6b61e6132d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5292
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Oct 2022 10:50:15 GMT
server: cloudflare
etag: "633eb2e7-14ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLe%2ByqvdWNnohi0g4X15epfXPd5CPz%2BHZ80zjeHlQT4YQBXTeZp%2FkQgPiDtdAb0IEHt0VxLtO1tyISudFCmVGsrcvuNxHk2caiKDNmLKFXTgnD%2B19HqM%2F3fzeRDOGGWfUJjFDMdCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe89b22-FRA
expires: Mon, 19 Jun 2023 07:01:42 GMT

GET
H2 200 1557010589.png
web-api.scorarab.com/uploads/team/ 4 KB
5 KB 41ms
38ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557010589.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24b97eba7a64f23317020f937bf3852cf87bc699bca89c65df2893773654d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377534
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4438
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1156"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVzU6knIxpHIhCs2EXoyR3F0nHj7uW0gHf%2BVg1mwJttBk6a2eK9sKbQ5ap9wPhLXSGskxKQOvY%2BVLd5CdbAaJU7ZSTiLdSyD7P1BnFP6fIjDjJkAjH7UHz9wHXsmER%2FQ3mCQ3vV6BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbe99b22-FRA
expires: Thu, 15 Jun 2023 05:46:55 GMT

GET
H2 200 1557009110.png
web-api.scorarab.com/uploads/team/ 7 KB
7 KB 41ms
38ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557009110.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf64955787e03ed89fea96b5b726096b5ca6bb1252d6fbbdb2bf8f0880d888d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270964
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7257
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1c59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPlUJnTNE%2BLq7lNP7Hk4RsG%2Fd31kz3t09YPFpd5Uff7XmXlzKh9I1xQTirXGkL6cVn9PX82se1yWxs9gq8l3TTMYqbZheOb8ZPmHLRxyRqkanS7ynlzwT3dlTImUOi3zgKM2gYAi5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbea9b22-FRA
expires: Fri, 16 Jun 2023 11:23:05 GMT

GET
H2 200 1641679962.png
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 40ms
37ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1641679962.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7df4cb45e2a46b173647a88e91fb054cd872c67961618c893741387cd562c311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3839
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jan 2022 22:12:42 GMT
server: cloudflare
etag: "61da0c5a-eff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyxR%2FQa5dbr23JjnPFjVISh8BPXQ3lzKqt8NyGg6Uy2KAZ7n55zuDFxc1sjG2qUJ65HBvgrSwsE%2F3QmkMhaNue22Po0cYmG%2Fur61yXBJVtFC6L9ybMuej1VAU2CD%2FAWQLRf4ujftuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbeb9b22-FRA
expires: Sun, 11 Jun 2023 08:47:27 GMT

GET
H2 200 1557535209.png
web-api.scorarab.com/uploads/team/ 12 KB
13 KB 42ms
39ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557535209.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7552d23333cc01dde25fda805b32d299e31e010d5d416d582c99035a0f98b1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152086
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12740
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-31c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PXxFOYl6s%2FMtaoR0mlsXpDT6e2gR8PIovSB7B4JLUd1oPPSJPmdxR6zRSzPNIf5m6Xvv0vWuKCt%2BKFwIDPzGBnal43loQSS0OmyA3zpIDx9VoM3%2BfKCMv1aHSTAujncDfaiPS6lMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbec9b22-FRA
expires: Sat, 17 Jun 2023 20:24:23 GMT

GET
H2 200 1557535267.png
web-api.scorarab.com/uploads/team/ 8 KB
9 KB 55ms
52ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557535267.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c73e32112ded71759b5985f0025184e985ff1562d994458b37b93452ec1b6e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701779
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8386
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-20c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE2PSyDWZdGbHbjBt2e%2B2JQt8w6L%2BKwoVO6sdNNBcdJ2V2cIcQK90dSr%2F%2FZCIGMVrk%2FchXkOyzMsmfUoRjSSwFLc7n%2FW8aM6hiPGI4wIq3lssOWml0zMrKFd%2F9sUdITyjjo406942g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbee9b22-FRA
expires: Sun, 11 Jun 2023 11:42:50 GMT

GET
H2 200 1684567688.png
web-api.scorarab.com/uploads/team/ 12 KB
12 KB 57ms
53ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1684567688.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46177cd2f07246fba079770c4f3f98616a0ccbb77342a27f9a6b28d014fd9ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12038
x-xss-protection: 1; mode=block
last-modified: Sat, 20 May 2023 07:28:08 GMT
server: cloudflare
etag: "64687688-2f06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXO08gmUZ55gnHkRB2%2BtLe%2BZB0j%2FD5ZRWFnV9rPtMKymcTSDKp6m%2F5zInTdx7bDcrGJRuLo4DxYyZpMovuGwCt17KY8CZf6tPxDBp0mtVxc1soXwfnwjgDYCru3z%2B6AQlpGhTn%2FeyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf09b22-FRA
expires: Mon, 19 Jun 2023 07:31:08 GMT

GET
H2 200 1633186523.png
web-api.scorarab.com/uploads/team/ 10 KB
10 KB 55ms
52ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1633186523.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa012da0bfcaa80d5e8683e1acb4af0858b2c968eb4645fbccd2db47cb25734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10365
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-287d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAFTUh4SXHzWFUefL3d0uptj9vjrCAkTn1Ahjmq2RpBUYmhypaSVAvNpal7Ektem9xD%2FQ2YKEYX45qVGUN8v2QXqZr98VrlMhZZrcEU3X6AKM5vXQNNAEqhIz7oRaPKIoHhkBv%2FBBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf19b22-FRA
expires: Mon, 19 Jun 2023 07:31:08 GMT

GET
H2 200 1560461775.png
web-api.scorarab.com/uploads/team/ 5 KB
5 KB 54ms
50ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1560461775.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f709b181443c502413f6334c6c901a54e0732bd9d807eab2ad87b843baf5270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26433
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4837
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-12e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfCGBJyzqYxa32SkDaoHnkc4MMMYa7FnbTTe2CWJaQh1nYMe%2FULzuVAklfyfzNVvH42XpPQ2l9joK7L0acK9avroSZMPpHoDlF9t19PG0OFLUjHAHVfISB%2BX5yxUe9E8TXMwpaBTnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf39b22-FRA
expires: Mon, 19 Jun 2023 07:18:36 GMT

GET
H2 200 1622387312.jpg
web-api.scorarab.com/uploads/team/ 3 KB
4 KB 54ms
51ms Image
image/jpeg 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1622387312.jpg

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e3eec785c1a54f5eafd1a43568569258b0721018e6da3efe45317a49b2757e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102054
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3408
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-d50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsUbd8Gclm0B8RTOL8%2BSbHSjHykzZQXTQgc2RtuTOo4%2FkSHZ%2FpF%2FL7eXPZr%2BmDtZocnDqQ19dnCQj3v4oTrNvN%2Bk2zixyveojQYFPcOjc41mELnOlDHqdZqoumdohNpFR6U%2Fnbucdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf59b22-FRA
expires: Sun, 18 Jun 2023 10:18:15 GMT

GET
H2 200 1654376336.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 59ms
56ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1654376336.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7375bd806cac2324392b211707066ddc00d31d23ad5473a98d3f204ab58363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2949
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Jun 2022 20:58:56 GMT
server: cloudflare
etag: "629bc790-b85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZumgSKtmpgpEh1lLOUeXj8S%2Bvp2uzPIb0qhG01hfDOohrfYt3UjT8xUkh3hSdN0BPtXK2%2FQvuUlDOlT95KFvm7SR802lYw2Ky3p%2FOwHAW1N9soxBp%2Bgg2%2FzY26SvbEdjKc5%2BT6%2FhXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf69b22-FRA
expires: Mon, 19 Jun 2023 07:19:44 GMT

GET
H2 200 1684566996.png
web-api.scorarab.com/uploads/team/ 4 KB
5 KB 57ms
54ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1684566996.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5239c90a77c7216ec8a627a19e04b79453d6a66243ee8643e4588835f7414f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4318
x-xss-protection: 1; mode=block
last-modified: Sat, 20 May 2023 07:16:36 GMT
server: cloudflare
etag: "646873d4-10de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ3P7GImIPBH2Vcxj2VbleU2EvzfKxH5gzJX82pQmNbmda1YL2WCVQYjxtFIcH36NbCzFquhh%2BgOZfRGEKHtj5bYQvVCFiwawRqYF%2FZka5Q1cOo2bmj4YknvJugNZgQVDBXTCq30mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf79b22-FRA
expires: Mon, 19 Jun 2023 07:19:44 GMT

GET
H2 200 1558904436.png
web-api.scorarab.com/uploads/team/ 4 KB
5 KB 58ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1558904436.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a992a00b7b34c3631f86ebb382a7a1df3be1fc30b2ff3d6fc16d2f7629563b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4463
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-116f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F17L9eRa7RPT3iKftWNclQ7Xi5y%2FSwEAZgVWIIIc19%2FqN0Io%2B0YPzRb2%2FBkdAUyOdBKWp0AQJzkPFJj57T7Wca%2B4mBuWui0YIEPa7FppmfZPW1t5GU0nR0e0ZhGblpPvR%2BhDqmdbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbf89b22-FRA
expires: Mon, 19 Jun 2023 06:48:46 GMT

GET
H2 200 1556907818.png
web-api.scorarab.com/uploads/team/ 6 KB
6 KB 59ms
56ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556907818.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8339bf8d365814822ce69418155ca46945c901201a05f210de3b2a96ab3e9460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1655081
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5689
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1639"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2JOv412c3MJXSJqJWN5MnAT6cd00U7AUKmkGsgDfCYgjoe1tl%2BbWw%2Bh43JOOFwk0Yqu8wOXdZI4zhrYrbb2AmgnecTnfdpu8fwcBQ8DywCxZh7PQgoVUtWv4geH1WkcG9Cb3avfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbfa9b22-FRA
expires: Wed, 31 May 2023 10:54:28 GMT

GET
H2 200 1566062060.png
web-api.scorarab.com/uploads/team/ 8 KB
9 KB 56ms
53ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1566062060.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708dcb948349f6ad1a6166489524f1fa263ab0b9c0ab72acf193f40ae2cf77a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95209
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8461
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-210d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJQUinzCZYiyjiHlzMuvzbc67YKx8KD0boFnQda%2F6AhaHt2qz1Igz6J1zaE%2Bvj6%2F8SfguDc2FbQXoncuXGvnD5xRLcWiaaH3uTH14TCftD6Sy8PIirCz51JEgPgBB3Bs9b5x6Her0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbfc9b22-FRA
expires: Sun, 18 Jun 2023 12:12:20 GMT

GET
H2 200 1557221057.png
web-api.scorarab.com/uploads/team/ 6 KB
6 KB 56ms
53ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557221057.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b88da02687f5436ca46111be2e264021130e660393d15449d273b24823de8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5701
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-1645"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGInBYCCAe9t0MNWKVpcyB6IChwdX1AiptYj9BgyidRfBw4DQxK4alO5oudUnyb4cE0v8vepCUOrYu9lfVH9Uv8A5vPyG0BxvhYyhirxagEIvPD9mRnifbpQT03YgEKxrwn01rSeBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbfd9b22-FRA
expires: Fri, 16 Jun 2023 11:23:08 GMT

GET
H2 200 1564444624.png
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 59ms
56ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1564444624.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f01e3bb73a3658237d8fb499f30bb744e795531bdace4f58bfee17be6bb7f78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3612
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-e1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1qqpxxpDftbq1dOIdaXNsmDW2gQltkIW2KE5ah3gqFiR0skriYmaBcadupUomuWdoxLq%2BwZWqMVHj4MBKxnLj0RXUtkXwBS3WGpqQg7wFFqVzBvg2L6o6zQnR%2BgSFBbMGghnxxgnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbfe9b22-FRA
expires: Mon, 19 Jun 2023 04:16:24 GMT

GET
H2 200 1557010340.png
web-api.scorarab.com/uploads/team/ 5 KB
5 KB 57ms
54ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557010340.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914b6adec04073c5088eb4efae9c32e937a9679af704705006efad5b89a1cee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27841
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5019
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-139b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJVmy4uwQNCvbG00UuEwFVD8C7SH62UfZP9tUTEGEWDwpckrdsNCKEAgJtcv1bXS6RFjtuTbc3vqCW%2FRvW1rZtt1jZzeOkW6lSW15YRiQ98vIux7z9ipdCwvMvYFEnrVDFeC7gaq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bbff9b22-FRA
expires: Mon, 19 Jun 2023 06:55:08 GMT

GET
H2 200 1558220341.png
web-api.scorarab.com/uploads/team/ 9 KB
10 KB 58ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1558220341.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8f097b0126cc8db0c39f4fcc805f1456d5df20f7535e1628b1f0aaf0339a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9453
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-24ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snBLWs%2B2%2B2CjrtE7WkVdWkAwbpWQcBs%2Bic3mO0CtC4W3YrNqnXYii3chd%2FRkEYNj%2FJwbQfIUzgk8Xuyb6HieZqJRop2NSLlQlheN93VQRmP47abcdQPBrawPZ3YR2VP%2Bvd%2BnBxG3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc009b22-FRA
expires: Sat, 17 Jun 2023 19:00:18 GMT

GET
H2 200 1591207042.png
web-api.scorarab.com/uploads/team/ 9 KB
10 KB 55ms
52ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1591207042.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eddd85223d77f04ded4faf0ba791f164dd516b170b357c8064987382e0ebc56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27819
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9584
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-2570"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tcnu9aIlIu8rqq%2Fi9mrZ%2FYBwrEXy4y5TLl6hhOVbe7T81%2BsQGVobzoPUF58wI2KkzuP7HlRPnk59JSVhUsW%2BNqdsjT4D590%2BMfpVmB79A4jTVW8WJ3g0v%2BCyiorbpuXBM9yGek%2BANQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc019b22-FRA
expires: Mon, 19 Jun 2023 06:55:30 GMT

GET
H2 200 1567707646.png
web-api.scorarab.com/uploads/team/ 2 KB
3 KB 57ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1567707646.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e012a6033cdb032f733bbcaf318457cc2f4514b6461b7e7c97dd1d37c1f93b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26222
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2453
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-995"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIm0nBZunqkvnDLXWhVBgNYjfSnAyuPH3rDGs0NlXcU3D5ZVKfaUeb9a5duOU%2Bz%2BMJQByOS%2FrQJBuNUhhzAnNByobIQGXkBj0Hveuj6wxo7w7huleW9kpQ0e5sh3LxlZCajNWKnmiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc049b22-FRA
expires: Mon, 19 Jun 2023 07:22:07 GMT

GET
H2 200 1670707634.png
web-api.scorarab.com/uploads/team/ 5 KB
5 KB 54ms
51ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1670707634.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9379d780b6b76f5e73c94b233bfd6de2fb25a0fe1c30271d312442bd5db96a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68053
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4930
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 21:27:14 GMT
server: cloudflare
etag: "6394f9b2-1342"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNP0on%2B3BL0JxQ6Tl8ey051yh4MK8%2Bib0SC6CG4dqYI2ln50LS0X24lH2g1eLVuOlLnPM5%2BuZPIC0OwodfPu5tY2ZKTUnOTs5LJ%2BSpGYE70lRej3UzCAcsZRuX2gTQ1OKFUPnE%2FH9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc069b22-FRA
expires: Sun, 18 Jun 2023 19:44:56 GMT

GET
H2 200 1567791745.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 56ms
54ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1567791745.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

136a8745aa5e94cb6a43e34db19a6f30ef2d0d185ddf21e4c4572b16d5f17f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26047
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2901
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-b55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFwEeRsRaZetMFGVe36q6voHNVdnY8iYRu854hD5kSPisVJmq8IdQB04cto1%2BItaK%2Bk5RTqdkB0AGGeba1n9OVQ3T1cXQyp0a9IZQ%2FDZOQ93bfZ2wH7ShYI4S6KeikSw6W7TbwMAyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc079b22-FRA
expires: Mon, 19 Jun 2023 07:25:02 GMT

GET
H2 200 1684567342.png
web-api.scorarab.com/uploads/team/ 5 KB
5 KB 59ms
56ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1684567342.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41396bfe0a420dfd71639b33e05f526432dc171561d084c52b304ed1bbf7cf54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26047
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4974
x-xss-protection: 1; mode=block
last-modified: Sat, 20 May 2023 07:22:22 GMT
server: cloudflare
etag: "6468752e-136e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3tEyDzeM3ktWnFRZQZU5RuDD9IeP67eMBMDrs%2FWRonKEjNojmwUtu3UHgWhPaFQNl4a1cHsVYnCwuHJaMhPxgcjw294N70pFI%2B3q8TDe9RrfSWDiS%2BqUCEQgHdCGKa3LwWcWofVEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc089b22-FRA
expires: Mon, 19 Jun 2023 07:25:02 GMT

GET
H2 200 1637130592.png
web-api.scorarab.com/uploads/team/ 13 KB
14 KB 57ms
54ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1637130592.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7052bc55f0bb13f31f5720fd8a772e06caa9437fc7dc360071152cd0a63336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13511
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-34c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5vVPbOngFL4kSSv4NdE7B1M0Te%2BGb2yxavQ%2Fpx0DsXzlpKEN%2FN8wj4R6eYYkBsmvfMwKlvQbXz%2BRkwg9W0O80BlhG6EAyyLW7W3k3REvYOLFdhiZ8F1c17Evi159fmEihP8qwuK5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc099b22-FRA
expires: Mon, 19 Jun 2023 07:31:09 GMT

GET
H2 200 1653905193.png
web-api.scorarab.com/uploads/team/ 12 KB
12 KB 58ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1653905193.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96e5b09e3d065156f688f56a6cc3a68ccc93a2fc99c503d86a1c5d137fccdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12120
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 10:06:33 GMT
server: cloudflare
etag: "62949729-2f58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LjjBXFcuXxtXzHxzBl4ZNDp%2BQJ1mpy4ErKB8ZZb%2FEZdAwnZyoA76MHiE0QZFMP0ILy4Rb2d1%2BFUnSKcSbg7PBioExDlp8r9KhnQQDIcd27Z%2BNuh9owDIZ3OIeLPusIy92pLR0iqEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2bc0b9b22-FRA
expires: Mon, 19 Jun 2023 07:31:09 GMT

GET
H2 200 1595719971.png
web-api.scorarab.com/uploads/team/ 11 KB
11 KB 58ms
55ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1595719971.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae9fd33d9e3001a615835522f0b662db30b16fc7eed0d41752d66b9c4c6392c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252512
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11266
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-2c02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nPnujbXeuNRvhu2uE3eV1OrpECk2esbPqPo%2BqI3B%2FNoD0PbWc2qk7xdU4eSjz24nshJKE1FIBspZajKJnU5ANPzzvwR7%2FFg4gtxQ4ADUZNew41a1WSjQyO6hO%2BcEccu2VLqSu1VjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2cc0e9b22-FRA
expires: Fri, 16 Jun 2023 16:30:37 GMT

GET
H2 200 1556824121.png
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 55ms
52ms Image
image/png 172.67.141.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556824121.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a2666d49e3217edc365cfd57f00673ffb2b9e3752d418b3ddae54a5006ca82c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180703
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3857
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-f11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apVc%2F4l3ca5a%2FeO7dNMW%2BaZ6vk7myfRFU%2B2gQSfz5rFPw9jI%2B%2B4i8X8Aex7IAfszUkt%2BRqQR0NGoOa7SxnbB4QIlnYo6q0sTkFSeJfkWydT1BL5lsP1eNtkqH6sTHn5o68aXQhzxJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ca553d2cc109b22-FRA
expires: Sat, 17 Jun 2023 12:27:26 GMT

GET
H/1.1 200
OK hb_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/467942/ 922 B
925 B 65ms
14ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/467942/hb_744327_17687.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js
Protocol: HTTP/1.1
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: db9725a00f53ca2f3a4140f8cfda2bf9e4dfb7118d1dcf68306fb778469ed729

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2023 12:04:11 GMT
Server: nginx
ETag: W/"6466143b-39a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Sat, 20 May 2023 15:39:09 GMT

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

76 KB
25 KB

145ms
95ms

Script
text/javascript

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da59fa800c5c75fe3f9a7c2d6efba7440864bed5212d726acd5878471c940721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25312
x-xss-protection: 0
server: cafe
etag: 136 / 19497 / 31074711 / config-hash: 12351717780372853951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:09 GMT

Redirect headers

Date: Sat, 20 May 2023 14:39:09 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 20 May 2023 14:39:09 GMT

GET
H/1.1 200
OK wrapper_hb_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/467942/ 2 KB
1 KB 65ms
14ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/467942/wrapper_hb_744327_17687.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js
Protocol: HTTP/1.1
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a2cd0832a50fb1f4543916df4a400e19ef5a2fd65d25b3b60de2a9cc13aa5399

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2023 12:04:11 GMT
Server: nginx
ETag: W/"6466143b-703"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Sat, 20 May 2023 15:39:09 GMT

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

76 KB
25 KB

136ms
79ms

Script
text/javascript

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcd83f868aa0c709c703e1987838d34bac9d4e74a20ef11b6b4996ecd16b7f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25325
x-xss-protection: 0
server: cafe
etag: 790 / 19497 / m202305150101 / config-hash: 12351717780372853951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:09 GMT

Redirect headers

Date: Sat, 20 May 2023 14:39:09 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 20 May 2023 14:39:09 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 87ms
27ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7351726
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUsnmyCoCC7wxkUSoXflW073AJgK%2FnTqecWtyLlSpnnYnfj8Y7sgc9pBraG4q2MAarVHYAhBP%2FaEHPHv%2BuX7K3oWAd%2FQUHHUwwXcwL0YbTHbVjsY7sszSF1GZwuIBLXGJBic9AygH448iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ca553d2caaa3678-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7068

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 156ms
80ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ff14be65129244029a5cf4926e3428f3fc0103d937d1e90aa51ae7d477fe14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Origin: http://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47533
x-xss-protection: 0
server: cafe
etag: 4608662784870325947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:09 GMT

GET
H2 200 page Show response
mediation.magnetssp.com/bpads/ Frame 5D77 2 KB
2 KB 88ms
47ms Document
text/html 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: b91e8c3cec36f126517393639b358f48f77d59685ab49e144508d27a83539499

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
content-encoding: gzip
content-language: nl-NL
content-type: text/html;charset=UTF-8
date: Sat, 20 May 2023 14:39:09 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id: -bY1yx5agYEtEwbnTcYHd5vHTa3zAxB_qoR7X0nPQFVovBnBNLkqpw==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 114ms
72ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d25000&request_id=F2FP4bC47QOi2L-wJrfaMfXrED7AO4zw&client_ts=1684593549228&os=&lan=en-US&sdk_version=v1.0.0&page_url=shoot-yalla.to%2F&events=%5B%7B%22idf%22%3A%22D4EO4cD39QKo0i-qA25WxuNgDtuaKZ2u%22%2C%22gen_ts%22%3A1684593549229%2C%22evt_id%22%3A%22MAG_FIRST_OPEN%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22OPEN%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: CIrWZGngaI3KDTASsMhHSeSzASKlIbsKrDvIm2YJO-nd3ozNqiKesg==

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 95ms
54ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d25000&request_id=G2HK4WC2AQIn5o-j960nuddiEnkMUcJ&client_ts=1684593549229&os=&lan=en-US&sdk_version=v1.0.0&page_url=shoot-yalla.to%2F&events=%5B%7B%22idf%22%3A%22H3GO4cD1AQPL1i-Fk5xr3GBXZa8jBCak%22%2C%22gen_ts%22%3A1684593549229%2C%22evt_id%22%3A%22MAG_SDK_START%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22START%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: FtIyk0Qntlxk5AhDmMJxs3VmMeGDeuhyuwKi1LZvNTs7gIs-DnU-_A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 44ms
34ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-42B0FRBVLM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fee2a53c22eee5dbc27c6a32267a0f2230a74d668c72261c76b04f40545af16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 May 2023 14:39:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 104ms
31ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 May 2023 14:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 20 May 2023 16:35:39 GMT

GET
H/1.1 200
OK hbw_master_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/qtNU0/ 95 KB
32 KB 18ms
16ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/qtNU0/hbw_master_744327_17687.js
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467942/wrapper_hb_744327_17687.js
Protocol: HTTP/1.1
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c9be495c6f46ed16531bd0a7b676c94b65117f19fa29b3d95e871e36c880ed0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2023 12:04:11 GMT
Server: nginx
ETag: W/"6466143b-17ada"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Sat, 20 May 2023 15:39:09 GMT

GET
H/1.1 200
OK hbp_master_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 343 KB
110 KB 246ms
244ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_744327_17687.js
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467942/hb_744327_17687.js
Protocol: HTTP/1.1
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 442f9c8c350b9f1bc4ac9c52b07be2e41e9c44ea137f63536ad7cb7fec9a53e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2023 11:03:46 GMT
Server: nginx
ETag: W/"64660612-55c91"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Sat, 20 May 2023 15:39:09 GMT

GET
H2 200 page-XCXWEUPF.min.js Show response
mediation.magnetssp.com/dist/bpads/js/ Frame 5D77 14 KB
5 KB 51ms
51ms Script
application/javascript 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:40:01 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:02 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: 1E9hDMfa-m5qKlvuWuHXmgQFWPPUrGmtN-P4Zc9gyNy2A-2JgpnFIw==

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 146 B
415 B 460ms
20ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/qtNU0/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: aca3698b958fd7285f9473d0ed6dccc0d589ea39b36532ff70475502b5db470b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:08 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: http://shoot-yalla.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 146

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
432 B 459ms
20ms XHR
image/gif 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=744327&site_id=17687&full_page_url=http%3A%2F%2Fshoot-yalla.to%2F&adid=w3i5n5.58&features=81952&vpbv=N145&tte=165&lifecycle_tte=523
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/qtNU0/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:08 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: http://shoot-yalla.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 51ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-42B0FRBVLM&gtm=45je35h0&_p=566771154&cid=1025398253.1684593549&ul=en-us&sr=1600x1200&_s=1&sid=1684593549&sct=1&seg=0&dl=http%3A%2F%2Fshoot-yalla.to%2F&dt=Yalla%20Shoot%20LIVE%20-%20English&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-42B0FRBVLM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mediation_configs Show response
mediation.magnetssp.com/json/ Frame 5D77 557 B
1 KB 49ms
49ms XHR
application/json 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_configs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: fa602dbac3c6503fbbb0f38c49a084f016960090e03b8c6e158c7f77a667198d

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 May 2023 14:40:01 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: a8OyPp3FrCVr64KzjhU4MsQ4TmfXdnHEX0mm1K_nC6O8Z6hQm8uspQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=566771154&t=pageview&_s=1&dl=http%3A%2F%2Fshoot-yalla.to%2F&ul=en-us&de=UTF-8&dt=Yalla%20Shoot%20LIVE%20-%20English&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1515923837&gjid=1820896996&cid=1025398253.1684593549&tid=UA-153122498-1&_gid=1251982989.1684593549&_r=1&gtm=457e35h0&jsscut=1&z=1716535037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 408 KB
126 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14570
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128722
x-xss-protection: 0
server: cafe
etag: 7615930951174331818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 May 2024 10:36:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
497 B 122ms
56ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shoot-yalla.to

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d831e121563f442bb2f84909f710a0c9cc68a17ea5a9ab8abb31dec500e7dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
x-xss-protection: 0
expires: Sat, 20 May 2023 14:39:09 GMT

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 5D77 35 B
605 B 52ms
51ms XHR
application/json 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: ORjGHm-bIDGCNCPpddKyZvgJnrEpnspMWzsKRR4wUMrGhpLTLj9Cow==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 5D77 35 B
602 B 77ms
77ms XHR
application/json 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 May 2023 14:40:01 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: gSaL8fRYhXB26G5Zjm-O3NG-mi96la6-gCwOO8iVM4466R78Lx7fow==

GET
H2 200 afgegg Show response
www.boomplaygames.com/ Frame F82F 4 KB
2 KB 93ms
32ms Document
text/html 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/afgegg?at=1
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-language: nl-NL
content-type: text/html;charset=UTF-8
date: Sat, 20 May 2023 14:39:09 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
x-amz-cf-id: m_HaLVoIc3oMwYsytMrkAehB-g3RCCS0E7ZnE9qu7L5hjdEIDwL4LA==
x-amz-cf-pop: LHR61-P1
x-cache: Miss from cloudfront

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 157ms
112ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=shoot-yalla.to

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b5e514ddf435d4cb0a3a0fe4a150353871e3ee33d18158f1ac72efa3ac75aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 8048727028091543774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame 5F42 10 KB
5 KB 71ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 27071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 07:07:58 GMT
etag: 15057649708203361565
expires: Sat, 03 Jun 2023 07:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.min.css
www.boomplaygames.com/bp-game/egg/css/ Frame F82F 4 KB
2 KB 20ms
19ms Stylesheet
text/css 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/afgegg?at=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 09:48:47 GMT
content-encoding: gzip
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 17422
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: uRTLWey38-ub0b4wB4qc8yb9YFSw-QGDaDMMaEG663uKNhYPV94Jrw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F82F 135 KB
46 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c153e48c932bf3d64e13de12214b0d50cb696afc17ff8a8e4e8f65763c66f264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Origin: https://www.boomplaygames.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47321
x-xss-protection: 0
server: cafe
etag: 8138584027268831715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 94ms
29ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
35ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
26 KB 873ms
872ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1589405507026396&correlator=4259723070967284&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=3&adks=3191345388&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1684593549559&lmt=1684593497&dlt=1684593549010&idt=492&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=1600x4555&msz=1600x0&fws=0&ohw=0&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96a429ac33cfcfc2d103117a108fac0985c3918c32e9043ef346858700e9671f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26275
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 197C 6 KB
3 KB 132ms
31ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:09 GMT
expires: Sun, 19 May 2024 14:39:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 257 KB
258 KB 23ms
22ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/bg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:01:27 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 16662
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 263395
x-amz-cf-id: x4_jh9plEmokTwO1nCjTKtWD-6Q4A40UBT43vWyOim729tNbiYSR2g==

GET
H2 200 icon_egg_close.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 44 KB
44 KB 79ms
78ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_close.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:01:27 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 16662
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44659
x-amz-cf-id: HjgFBer5VXMYXu1D_wHtztgiMCw4zxmtMMqINtgBg00Ye_M58kN1jQ==

GET
H2 200 hand.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 26 KB
26 KB 83ms
82ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/hand.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 09:58:42 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 16827
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 26692
x-amz-cf-id: PvpoBWqbDDGzWu6TfFzOCDIKMlMYLGmeEX8mGnAyaNKCLmcSkaUX3Q==

GET
H2 200 icon_egg_head.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 18 KB
18 KB 85ms
84ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_head.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:00:58 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 16691
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18136
x-amz-cf-id: v4P4HyBy-FRzSqfoMAOgF3ZkD8ty_qjZpu_aadYN9Qa7bFYiV5IbtA==

GET
H2 200 pic_light_1.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 58 KB
58 KB 86ms
85ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/pic_light_1.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:01:27 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 16662
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 59063
x-amz-cf-id: QhCwkOERlCH6Ijgs9eRfTAWpKPP-gbHEEfAemt0kW7fyj1bIomTdZw==

GET
H2 200 iPhone.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 14 KB
14 KB 91ms
90ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/iPhone.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:00:57 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 16692
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14456
x-amz-cf-id: l0JHh_8DY23VcVEM3UWfpVbzWV0mp-yOLq1I-zukdEh76sGS4zGN8A==

GET
H2 200 icon_open_egg.png
www.boomplaygames.com/bp-game/egg/img/ Frame F82F 44 KB
44 KB 92ms
91ms Image
image/png 143.204.68.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_open_egg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.68.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-68-51.lhr61.r.cloudfront.net
Software: nginx /
Resource Hash: 5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 01:11:10 GMT
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: LHR61-P1
age: 48479
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44922
x-amz-cf-id: Gri-bciBGvH4kDQoTzfVOcB2Xim1kqKUGMp1uRPKa1VWmRcBjJaxYA==

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 60ms
15ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=http%3A%2F%2Fshoot-yalla.to%2F
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_744327_17687.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9c314b09bcbde2f9381e243d4d9ead0f61ccfb46e1e2a3450e3a2c98d076d8f2

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

expires: Mon, 22 May 2023 14:39:09 GMT
date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 12:02:20 GMT
server: nginx
etag: W/"6467654c-2ad5"
content-type: application/json
access-control-allow-origin: http://shoot-yalla.to
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame F82F 355 KB
120 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=www.boomplaygames.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

504b929085c2089f382ab1f3a25345df29ba3e2496bb2300b142862d12718ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 12550366154060463425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:09 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
608 B 92ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shoot-yalla.to&callback=_gfp_s_&client=ca-pub-7731356227310930

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=shoot-yalla.to

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c2098e801ad734931dd2a8e7249eb0c03d8e4059efcf635cc1dc9e5de48e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 36ms
35ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=id-custom_banner&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DDF 76 B
265 B 353ms
352ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=1573534164&lmt=1684593497&plat=1%3A16777280%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684593549449&bpp=5&bdt=439&idt=277&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8628245862036&frm=20&pv=2&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C44788441%2C44789923&oid=2&pvsid=1589405507026396&tmod=2064045372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:10 GMT
expires: Sat, 20 May 2023 14:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BFA 105 KB
36 KB 726ms
725ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684593497&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684593549454&bpp=3&bdt=444&idt=297&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8628245862036&frm=20&pv=1&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C44788441%2C44789923&oid=2&pvsid=1589405507026396&tmod=2064045372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=I1zik5NdOm&p=http%3A//shoot-yalla.to&dtd=302

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a752f1ac375198e04165d444151bbbfdff383b50569192acebc2bf4a43bc6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:10 GMT
expires: Sat, 20 May 2023 14:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 461ms
461ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1589405507026396&correlator=4366703083994895&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=4&adks=2936496661&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1684593549804&lmt=1684593497&dlt=1684593549010&idt=492&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91f7c9100b29e970256e971ffe5550b966759fd7d56654b3f1565c4f64e9ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12154
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326746042
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame F82F 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F82F 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E77 76 B
89 B 314ms
314ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755396&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684593549643&bpp=3&bdt=110&idt=278&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=6212190396527&frm=24&ife=1&pv=2&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.lsj24sx7pm1p&fsb=1&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:10 GMT
expires: Sat, 20 May 2023 14:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 87 KB
30 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad8ae9ca982fb116a8dcbef8c54452136868e32878268c4d138064faca9cdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30670
x-xss-protection: 0
server: cafe
etag: 5827479005794537514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame F82F 87 KB
30 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad8ae9ca982fb116a8dcbef8c54452136868e32878268c4d138064faca9cdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30670
x-xss-protection: 0
server: cafe
etag: 5827479005794537514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49E6 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBpy-3es_O6xvJHSEHW32WDYHda0eUuKmHpE90j00Ki137hnvnkhvQDg8Nz_78FuJ1ZJazGbBhGqoSqZBLqJrhLjqdmpyCL0dT58x4n2AYv_lVGk99XzvhYrrjpgYv_BwwPUDBIcurhXRhjFN-j1kx_ZqN6sFN6XW4PY5nXeaDJnM5l_d_xbPoi1guV8OYoYgUAWVAT5xitO-POyQW7UioazQKJ-TsqeG664nuAoXJqQTjGs-20g6dLc-ZvW4RaVH4j8jOF01GFp0MliDlo8VBceeXzpnPPl9O74VZM8pln3NtDQZl-DcEEO6lFuCT5EsQvyNLzX9V&sai=AMfl-YRXodB87rBB-m3woEuWTqMFK5zIpufiQbAvQ0UKvungd7TAjxtoxLZ66eBGheabz1ilj3hQzwNoNl1-BT8T7qJFti9BPojmAa6ROMxVhSuIqzxf2rqb8_vl97CKcaX0lFnXEgST03TNclvJngc&sig=Cg0ArKJSzEn3LcphHXY0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H/1.1 200
OK prebid.js Show response
acdn.adnxs.com/prebid/not-for-prod/ Frame 49E6 2 MB
652 KB 54ms
15ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: HTTP/1.1
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires: Wed, 19 Apr 2023 10:50:23 GMT
Date: Sat, 20 May 2023 14:39:10 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 10911
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 666704
X-Served-By: cache-lga21951-LGA, cache-ams21066-AMS
Last-Modified: Thu, 10 Feb 2022 18:43:39 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1684593550.362741,VS0,VE0
ETag: W/"62055cdb-23771c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 37470, 4

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49E6 170 KB
53 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F82F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&preloadAdBreaks=on&onReady=true&event=adcf_cl&client=ca-pub-7731356227310930&bow_v=r20230517&js_v=m202305160101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame F82F 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F82F 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB0C 161 KB
48 KB 767ms
766ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c5028b5275feb8dbb123db86c5991e5c98b67390ddd8a752eddf42822f0173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
expires: Sat, 20 May 2023 14:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6387 146 KB
39 KB 547ms
546ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f6bc8f197e35eed1fdc944a3252d6e16a85e1b929ea958cd5bfb368ae5cc772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:10 GMT
expires: Sat, 20 May 2023 14:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 49E6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e36a9974ed04c06c2ed75046689c7cb4c14d6e13f6e300112446ca9febbb04f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame F82F 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83A9 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:09 GMT
expires: Sun, 19 May 2024 14:39:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ Frame 49E6 3 KB
3 KB 113ms
23ms XHR
text/html 2600:9000:2240:400:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Sat, 20 May 2023 00:07:41 GMT
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 52290
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: 5AxnCFCV6DH_TWWTdQAF6vSuVrhF6GT-8gOynNmgRbm3qGqag-ORYw==

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame 49E6 14 KB
2 KB 60ms
14ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 20 May 2023 14:39:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4809
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1162
x-served-by: cache-fra-eddf8230021-FRA, cache-ams21077-AMS
x-jsd-version-type: version
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 49E6 483 B
1019 B 93ms
30ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:10 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2579325
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e96dbK5XMExO4MSZhaY4kPizvt7hph%2FBMP2pFIoehl9dFbdxoaQKDVGiNkDcu5WAJkiCZvYlCHIbEBiOPnk0EFNHO4DzFHMhSk2oM7R1D1%2FMzC56hYgIwR32cS%2F0WvTQQdC09oLCG9nFoG1s"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7ca553db3eb91c07-FRA

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 49E6 18 B
311 B 131ms
25ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.11.0&cb=78906757266

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://shoot-yalla.to
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 49E6 15 B
361 B 87ms
28ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: http://shoot-yalla.to
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 49E6 23 B
399 B 97ms
32ms XHR
application/json 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.11.0
Requested by: Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: bc93536ecc5ad8264afcabff4622f1e17032476dd019b77149c54a37f79d37c8

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 May 2023 14:39:10 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://shoot-yalla.to
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

GET
H2 200 css
fonts.googleapis.com/ Frame 6BFA 9 KB
1 KB 89ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684593497&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684593549454&bpp=3&bdt=444&idt=297&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8628245862036&frm=20&pv=1&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C44788441%2C44789923&oid=2&pvsid=1589405507026396&tmod=2064045372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=I1zik5NdOm&p=http%3A//shoot-yalla.to&dtd=302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 13:46:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6BFA 2 KB
846 B 106ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 6BFA 22 KB
9 KB 83ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6BFA 3 KB
1 KB 90ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:04:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6BFA 19 KB
8 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BFA 170 KB
53 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 6BFA 32 KB
13 KB 76ms
29ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:46:22 GMT

GET
H2 200 25c1ebd307027cb6cde802b753523349.js Show response
www.gstatic.com/mysidia/ Frame 83A9 8 KB
4 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3684
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:54:28 GMT

GET
H2 200 97e73efd9a3646d0fb8be6c3ca93c540.js Show response
www.gstatic.com/mysidia/ Frame 83A9 11 KB
5 KB 104ms
46ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/97e73efd9a3646d0fb8be6c3ca93c540.js?tag=core/multiplex_design_v1

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0fbc8a5a8751837b5974c0ff530b06594f6bfc33091bf3ec4ec42bde94931fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 21:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4615
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 21:54:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 83A9 4 KB
728 B 83ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 13:35:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 83A9 2 KB
799 B 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:34 GMT

GET
H2 200 416aaa819f36b6cdeaf7826f4891ee43.js Show response
www.gstatic.com/mysidia/ Frame 83A9 21 KB
9 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/416aaa819f36b6cdeaf7826f4891ee43.js?tag=exit_2019

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4eb0c6cf14d3afb9d16bfb57e9e248c5568aca1b979835337c3f1bd540c82af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 21:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 21:54:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 83A9 22 KB
9 KB 93ms
44ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 83A9 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:04:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 83A9 19 KB
8 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:21 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 83A9 24 KB
7 KB 96ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 May 2024 10:36:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83A9 170 KB
53 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8266876691667861694/ Frame 6BFA 10 KB
11 KB 106ms
69ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8266876691667861694/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3b2fc22525656053045a72e83f5b6f2d063968a23878c2d311bd78cbaa6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10469
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:13:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 14:39:10 GMT

GET
DATA 200
OK truncated
/ Frame 6BFA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6BFA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BFA 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM3_WjdtoZPypMIuFtwfgh7_gB4a0r5dwvYXKyYsQy8WxpLUqEAEgk5jgd2DVBaABx-XE1APIAQmpApJs-AuzILI-qAMByAPLBKoEzAFP0IzWAZ_Y1v2tMHQRCjZmSvJln3AKY_RWmSdx3qzKpQ7DOkIkI4c4dOYePFyrPTDUeCOzxZSZYbsd8wM6Q_1GuGn1zuyl2bkJvzjx8zYzLVj878JmmB99oWwEU6pfHmhmn6-A_rrCQkytlxPNeTGf217syQnwoC896TpYWgq6hapLRQfYUks3313aH-YF_Vz4p5R7vSmePiqhKbZTh2Ka1kytWBJIEQfRoOPAWAuy9iwgsqfHsQpmq0KsvSisdzckJWDBpKuOTJhpDdXABLaotLWBBJIFBAgEGAGSBQQIBRgEoAYugAehmrsrqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2cwH0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDYgUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NzMxMzU2MjI3MzEwOTMwGAA&sigh=01SEot9m8lo&uach_m=[UACH]&cid=CAQSGwBygQiDIX7yxUeBR-0Q6-bru0je4dZduhDv6xgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684593497&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684593549454&bpp=3&bdt=444&idt=297&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8628245862036&frm=20&pv=1&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C44788441%2C44789923&oid=2&pvsid=1589405507026396&tmod=2064045372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=I1zik5NdOm&p=http%3A//shoot-yalla.to&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 May 2023 14:39:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 49E6 74 KB
23 KB 153ms
110ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 14:39:10 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxVjs%2BlpxFi5UgOiGH8DqBwFxv4Lb0%2B2oNa7guzD5U7w%2BTKFdXnrKLwsOEybspYMJbyZ%2BsN%2FQcSM4GK4PjtLJf83h%2F5jwbUpnG1SI8lNGZwqOC1Xtf7w7ofmxmclpSmxE23rLBPQNGLxa7Hw"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7ca553dbbb241e5c-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49E6 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr3qiVJ_7_08BVFDMPECe1-j-U_uOxUFWxRo3ZhJdrzrAkO60PQutDGs5-XzrUQPmjYHFNKSIvCI1kJ_PrLE6X3ccK5kBYAS1dsy7odLkK-WPcMCJCtdL60KOa4TtwmE1qgr_rMAfMB9BOvfDJtuEaRFfzgQWH6x7AFLXMI9VHtszy7-uRxRL6U3uSH_PEwcX2b66XTls4o_py8ENdmVH2MYEXgtd8wXMx-o-7LJ5b-XVqP3xWI8RPN7qSrtwBCovbyHBXKdISg4YlV97kz0yYFUYtyBYPoMPLee-Wdx6JLuXycHg2W5MkB9QTY7I6gAYMHNoXnYwoqb0&sai=AMfl-YTtrg7K8Ne8CBHh7PSpznlaZXD2cycStZ0rG0Xf2QcvUPAO9k7SsHe1fQ-gS_hDILlYO5HJL9_IIDpjqYy0aDoPHBYO2Y9yXE6uaPWK9PB-Hb20VpZVWV2cTNLQISoSuV462wPCiHB2GSHasAM&sig=Cg0ArKJSzN1tYvPDhZCPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 May 2023 14:39:10 GMT

GET
DATA 200
OK truncated
/ Frame 6BFA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d9b173e40c491f43748fd4e7f738bcf5c9f807224d56bdd1729e4b611d9f6ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 83A9 36 KB
36 KB 137ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_FD0664-400_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1%26exclusive%3D1&ups=1&v=3&w=800&s=Wbqvi1hOaTRaUb06GzZWn575

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61a4f40c1ffaff58a0ee0520bb455f836539b781e152d5797a93c4c6aa57fc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1800
content-length: 36616
expires: Sat, 20 May 2023 14:48:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 83A9 35 KB
35 KB 153ms
44ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=15718&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3730%2F151210%2Fd5b313d56607405fb0492839d2fd03ea_logo.png&v=3&w=1200&s=Kq0QwGTToO4vSYDhKMzy1Voi

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

835d372a47516563e001eb1e3b4098410f30a0e48b4e02f61c285d97d4e06d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 36118
expires: Sun, 21 Apr 2024 09:13:08 GMT

GET
DATA 200
OK truncated
/ Frame 83A9 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 5D77 35 B
602 B 55ms
54ms XHR
application/json 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 May 2023 14:40:02 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: PHzf6dNw79o-Hol0HporrBVSzYFrxsxWs1sOYkVY3dUyAfOd_aAgbQ==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 5D77 35 B
601 B 74ms
73ms XHR
application/json 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 May 2023 14:39:10 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: Kc5Js5tFb3aNNrcCh99pbdn-easQmnwXRefcahTPrLalFms-QVCBSg==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 5D77 35 B
602 B 76ms
76ms XHR
application/json 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=D3CK1cD39VOn0n-Edb8t&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 May 2023 14:39:18 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: Ih7M-faFZIeyqv_LvRMx9SS9VqEZNW_iMVqA5I1IU-uiCO1EAEWtDw==

GET
H2 200 lgn.php Show response
cat.fr3.eu.criteo.com/delivery/ Frame 83A9 43 B
348 B 187ms
25ms Fetch
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=539QvzupQ2UqH6A4GDUe3iPVZ-ZX8ejvkj-Pp0o1m3F8ppqWu3YgAcPFkWqkoUVp56E1BT5vTZWewzKofiRp4NNbVQsa-1OqXVYKtPmPxDzW45FxBPjn-PlJm4_WSsrTyikUUM8a8R2I3eWvRLvRQkSA2waeSoUdi0t7yXSOetmI3wcpSYd4Jqj5vCrI2x_1m1aWMX6dHp8YpIRk_OiePr0CSp0sdLHb1CdwVPVmW0T3wPXfs5rMYFSzQ19rTigdWLDr5XQv23ivzuYmhQEXAHH3afAcuiSlbOeTTt4MLSnnUDZngo8XShxFmgKO_5n6uVYWj_2DpLMq3Zo90wBdqMIXWe5w8vNSknxaIfZqYqNm19hIJ3iZFChbrCvmzw9WmNqEPXSOCAu9uPpobt_oUAHxKKZ7G045_8Bk-Q-sCVgb7A_u&z=ZGjbjQAJ6pQK7fgZAAcvFqAlrWpkPsHD_fG0gw

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2050989
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 83A9 0
0 95ms
24ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k9LjDe66IgAAnYNiAgIAAADklvfsdurdMAUgMBsJOY7bEI3baGSVmIwjzGGavQqFAAASAwEKCkFRVUJEd0VCRHc&wp=ZGjbjQAJ6pQK7fgZAAcvFqAlrWpkPsHD_fG0gw

Requested by

Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:09 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 159999
server: Kestrel
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 83A9 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cnlp8jdtoZJTVJ5nwtweW3pyoA8me0rFc9dqW93DAjbcBEAEgAGCRhICA_BeCARdjYS1wdWItMjkzMDgwNTEwNDQxODIwNMgBCakCkmz4C7Mgsj7gAgCoAwGqBOoBT9A4g82zEisYYIxESVTWWjouhcImX0ShdMDK2r1wFgVDejyDG7Recvlq2aOUMzAGLWIvhqYNdjXsn9YhtxbaOXDRxbwz5LcO2d7Qm72FTepqMNMCMUuv3B3cpDjiUzziOKjHWRJaK1K0wMMpzmDq5RU9nnc5eD3SofOzX-HgWe7ezKrHTOSpY-ZwmeyNqPHvkBSMzFi4uLT4_V5xhw7VTeVeko08QcuZfjdTN4RejIR9Gp0ZAyYrkMTYIXuY5tJHYxxgquuGXmomIu_GccBbZa_stSkWRd8JB6g4rKKeDnsqSZrWHHYAOo6h4AQBgAba6qfTsv6dmdEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yOTMwODA1MTA0NDE4MjA0GKaTdg&sigh=Nn-Z66YH-_g&uach_m=[UACH]&cid=CAQSSwBygQiDqefcNsEupvLF3NGB5pm7myQkJBsLOMMoIbww1bQqtqGXi7yJYsOT55pWuNxqXsSW65P62mlcbno_SvgglpRkOMozV01_LRgB&vt=10
Requested by: Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 83A9 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0uKSjdtoZJTVJ5nwtweW3pyoA8me0rFc9dqW93DAjbcBEAEgAGCRhICA_BeCARdjYS1wdWItMjkzMDgwNTEwNDQxODIwNMgBCakCkmz4C7Mgsj7gAgCoAwHIAwKqBOoBT9A4g82zEisYYIxESVTWWjouhcImX0ShdMDK2r1wFgVDejyDG7Recvlq2aOUMzAGLWIvhqYNdjXsn9YhtxbaOXDRxbwz5LcO2d7Qm72FTepqMNMCMUuv3B3cpDjiUzziOKjHWRJaK1K0wMMpzmDq5RU9nnc5eD3SofOzX-HgWe7ezKrHTOSpY-ZwmeyNqPHvkBSMzFi4uLT4_V5xhw7VTeVeko08QcuZfjdTN4RejIR9Gp0ZAyYrkMTYIXuY5tJHYxxgquuGXmomIu_GccBbZa_stSkWRd8JB6g4rKKeDnsqSZrWHHYAOo6h4AQBgAba6qfTsv6dmdEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yOTMwODA1MTA0NDE4MjA0GKaTdg&sigh=vR63FennKgM&uach_m=[UACH]&cid=CAQSSwBygQiDqefcNsEupvLF3NGB5pm7myQkJBsLOMMoIbww1bQqtqGXi7yJYsOT55pWuNxqXsSW65P62mlcbno_SvgglpRkOMozV01_LRgB
Requested by: Host: 03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
URL: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 6BFA 29 KB
29 KB 76ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 33270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:24:40 GMT

GET
DATA 200
OK truncated
/ Frame 83A9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cdd6e7372d5a6f08bbbc62690bd5600c40eacc5d859bd75dabf2272bc2bef43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame AA50 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:01:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 83A9 16 KB
16 KB 30ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 581734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 21:03:36 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
224 B 21ms
20ms XHR
text/plain 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/qtNU0/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://shoot-yalla.to
Date: Sat, 20 May 2023 14:39:09 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 css
fonts.googleapis.com/ Frame 6387 2 KB
643 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 13:48:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6387 604 B
919 B 25ms
24ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:17:15 GMT
x-content-type-options: nosniff
age: 15715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 May 2024 10:17:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 6387 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 17:01:15 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 6387 17 KB
7 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e649b35544088098b1377693fd69e8ce8ab1fe3b34f67c45f020bfd14620f6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 18:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7159
x-xss-protection: 0
server: cafe
etag: 13098519130539972958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 18:04:25 GMT

GET
H3 200 25c1ebd307027cb6cde802b753523349.js Show response
www.gstatic.com/mysidia/ Frame BCC7 8 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3684
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:54:28 GMT

GET
H3 200 48834a53d2227a45ef04b6ce228117f4.js Show response
www.gstatic.com/mysidia/ Frame BCC7 9 KB
4 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/48834a53d2227a45ef04b6ce228117f4.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60920e71903ffbb146e99b7d2832be20ed85c00b8a733a8657bdcef318c79680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 21:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4071
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:39:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 21:55:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BCC7 9 KB
932 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 14:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 13:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 14:39:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame BCC7 2 KB
765 B 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame BCC7 22 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame BCC7 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:04:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame BCC7 19 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BCC7 0
0 80ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqAWQVGqV8YPpxNwcI0sDq4rtXIoVx1x5HqznOFFSUBOS6IvJaIqwj141BEAe11S6aRFJyAbhHUpIQlN893nAtmUzhww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCC7 170 KB
53 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:11 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame BCC7 32 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:46:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F82F 0
20 B 60ms
57ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=2&src=1&stats=1&timing=652&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230517&js_v=m202305160101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E456 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6076 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 27071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 07:08:00 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 07:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6076
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEd6IBxvnk1FCswCpKV42Ys&google_cver=1&google_push=ATf1kGNRehcPXAgOFHPPABPw8tvS9sDFFo9oq3x4C-da_KPkcMlYI2-ftG9MkGWHAjdzFV6GfZTGPSjoXdEjgbnBEfda7u1uAFnrm...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA5NzIyNjY3MDQxMjg5OTQ2OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJkjEF299CYf1YqxdVuTFZQ&google_cver=1

43 B
398 B

167ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJkjEF299CYf1YqxdVuTFZQ&google_cver=1
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJkjEF299CYf1YqxdVuTFZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6076
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPElVLoXlzC1dz0JPpnwjso&google_cver=1&google_push=ATf1kGOVulil3zcaNHlYm6IohuExSkt-vtCnvfIfzxJ_1E3ofybbCjdAhGvsiEzGpZIb-wAlzP48jyLtGm_S6ObWkelRtyMycAJbUG...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3109CBDCACBF458E8513B03F59F2ECE5&google_push=ATf1kGOVulil3zcaNHlYm6IohuExSkt-vtCnvfIfzxJ_1E3ofybbCjdAhGvsiEzGpZIb-wAlzP48jyLtGm_S6Ob...

170 B
329 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3109CBDCACBF458E8513B03F59F2ECE5&google_push=ATf1kGOVulil3zcaNHlYm6IohuExSkt-vtCnvfIfzxJ_1E3ofybbCjdAhGvsiEzGpZIb-wAlzP48jyLtGm_S6ObWkelRtyMycAJbUGZHfJeK7gfsB_KKrbMi8GejG_9fcGEIrHTrtgv2UA-OOPQcQMRWCf3aow

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 May 2023 14:39:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3109CBDCACBF458E8513B03F59F2ECE5&google_push=ATf1kGOVulil3zcaNHlYm6IohuExSkt-vtCnvfIfzxJ_1E3ofybbCjdAhGvsiEzGpZIb-wAlzP48jyLtGm_S6ObWkelRtyMycAJbUGZHfJeK7gfsB_KKrbMi8GejG_9fcGEIrHTrtgv2UA-OOPQcQMRWCf3aow
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 May 2023 14:39:11 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6076 70 B
265 B 114ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF7RK0ONzmEtnK9alkFdO1I&google_cver=1&google_push=ATf1kGMp4EtFSdlyQOcWWj1yXAiDcCAeFp55ApkOaYRz3u1dU8M1L6FaV99txeYvxw8NzFyoNPWcopis08oAbcJVS8l4FPp7glh2iTK03qPAAYYiiL7wIsFNYpQ_HUZmqd26q7hWilDjT7To1lfEloGwjTS6eB0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6076 43 B
363 B 89ms
24ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEJTc5AQhdBXCAQYPYa7L5Ws&google_cver=1&google_push=ATf1kGMT6NUF76rIDRzhDXB7gGa-K2YIB0qGXSsMq6TMOBmBL4_pnkEhNWdqobPCuHcg3_twPDBOqdlzPzFnAOkFWDOaoeMbALzB7XCm4vHsD56BMBTD_Aos1Smo2kqmibKZuZss4AR_SyMdsGFGXyTFDco74BI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 233687
expires: Sat, 20 May 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6076
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNQatMgZLT5WMeKD2AP_k8FBEacj3_xztnVjr6JV5ukGyZeKbtgLRyMH1AdReq2LWLrVvS_eYVkymacnYxyAPpUXKJA2wj-hm5fkfTwkqu3bjKDqfkd3pnywFpl_iXOj6nL7yCNLN2iNo97jJ-9H_mi1-I

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNQatMgZLT5WMeKD2AP_k8FBEacj3_xztnVjr6JV5ukGyZeKbtgLRyMH1AdReq2LWLrVvS_eYVkymacnYxyAPpUXKJA2wj-hm5fkfTwkqu3bjKDqfkd3pnywFpl_iXOj6nL7yCNLN2iNo97jJ-9H_mi1-I
date: Sat, 20 May 2023 14:39:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame 6076 43 B
297 B 239ms
27ms Image
image/gif 2a05:d01c:1d8:8102:fd0c:1957:83f2:b026
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDh4FbRazWR5qsRBoD2F4LE&google_cver=1&google_push=ATf1kGPl6w-PULhg2O2vV8wpgAfCTdVwsuKZKiQGGzotKo8RNeVs-amuIDeT7nFpOyhu2UA7hoq9WY0_fEchhbEsJDHLTZeja9o2KR2QWyvJCfv4tPS6UKDGlx6rYfuwXP-pQpTcJTdxSTs3kGsLfY2Vm7eDTgQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378860&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684593550349&bpp=1&bdt=816&idt=0&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.3vvs2lm7i9gr&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:fd0c:1957:83f2:b026 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6076
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBiBcYsJQ0u0zLhceTK-piI&google_cver=1&google_push=ATf1kGPfARFtVTqmU-_Kdht8uefAcvDub95QXwdyDTICRh4hsdlNnI-wBsqGX8V6pk...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPfARFtVTqmU-_Kdht8uefAcvDub95QXwdyDTICRh4hsdlNnI-wBsqGX8V6pk5oRoF3f-wiw1sMTfsj7FzN_YIm0USS8IivJ_NWSOsEnMkJE1...

170 B
232 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPfARFtVTqmU-_Kdht8uefAcvDub95QXwdyDTICRh4hsdlNnI-wBsqGX8V6pk5oRoF3f-wiw1sMTfsj7FzN_YIm0USS8IivJ_NWSOsEnMkJE1Uxz-K3k1hMrzEXszkDu9HmbExIvoZxFDG6JnilP2bXAdTE&google_hm=LXhQ44W-Qm2zejtxO_vdxxM

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:12 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPfARFtVTqmU-_Kdht8uefAcvDub95QXwdyDTICRh4hsdlNnI-wBsqGX8V6pk5oRoF3f-wiw1sMTfsj7FzN_YIm0USS8IivJ_NWSOsEnMkJE1Uxz-K3k1hMrzEXszkDu9HmbExIvoZxFDG6JnilP2bXAdTE&google_hm=LXhQ44W-Qm2zejtxO_vdxxM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6076 0
130 B 92ms
29ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JC5FPZrbYZAIf1m-n4gAXqS1YufNJBwR1FYBxFN7B-c40CCpEMoJYiC9cOdL3eK8-UVow9Yw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E456
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
34ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
expires: Sat, 20 May 2023 14:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame F82F 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame BB0C 4 KB
671 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 13:49:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 14:39:11 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BB0C 205 B
229 B 23ms
22ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:42:32 GMT
x-content-type-options: nosniff
age: 3399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 May 2024 13:42:32 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BB0C 604 B
628 B 22ms
22ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:17:15 GMT
x-content-type-options: nosniff
age: 15716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 May 2024 10:17:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame BB0C 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 17:01:15 GMT

GET
H3 200 25c1ebd307027cb6cde802b753523349.js Show response
www.gstatic.com/mysidia/ Frame FC1D 8 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3684
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:54:28 GMT

GET
H3 200 2cb5797678a2238b00a87eb3f015c6c1.js Show response
www.gstatic.com/mysidia/ Frame FC1D 18 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d45697bb893eda89b558f45671f79d90d700fbfdbc48bef7d2416bb706b645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 21:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7715
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 21:26:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FC1D 9 KB
932 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 13:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 14:39:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FC1D 2 KB
765 B 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:34 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame FC1D 6 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:42:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame FC1D 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FC1D 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:04:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FC1D 19 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC1D 0
0 29ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoZO6EKoDeN3x86kOVEQzAUg_hVKIBsuVQ2fhzygLV7-ZvUCPcS3ZxdkArskUM-vFF85j_IAr0RU-Plf4q_kcS_R9v2Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC1D 170 KB
53 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 14:39:11 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame FC1D 32 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:46:22 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAABxAMAQKDRADIQAAAGhmJlJAMAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAEEhpDTW51cVlHUWhQOENGUWEtWWdvZDhvNEhQQSIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2CB 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F71 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 27071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 07:08:00 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 07:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAACZAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAADA8NFAMAQKDRASIQAAAAAAABRAMAQKDRATIQAAAAAAAABAMAQKDRAXIQAAAMzMrFRAMAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F82F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=1&src=1&stats=1&timing=876&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230517&js_v=m202305160101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F82F 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=start&name=bp-game-afg-egg&frequency_cap=30&last_intr=1684593551217&event=adbr_cl&client=ca-pub-7731356227310930&bow_v=r20230517&js_v=m202305160101&fetcher=adsense&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB0C 15 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 596096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:04:15 GMT

GET
DATA 200
OK truncated
/ Frame FC1D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15dc76f7ac6f5ebfeb79889224b4071bc63713964fe5c56e83b7c4d4d4800b93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame FC1D 29 KB
29 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 33271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:24:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F71
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFVyOVlObk8xUTBuSko1&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cver=1&google_push=ATf1kGM0kG9CrAJ6T7lsQhWNV6HDnQ5TAQE0yw6n2XKcuIx...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFVyOVlObk8xUTBuSko1&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cver=1&google_push=ATf1kGM0kG9CrAJ6T7lsQhWNV6HDnQ5TAQE0yw6n2XKcuIxNvx3WFs578FZK6NuEcbZ-qXaZesiiofHCqaCj1BX_uPQYpVNx0WInSd3SLwbEJZXdwkiDy_euZUyx2bTlQNN_n3BqLtd8I7jigMUwXossM9BwF6Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 May 2023 14:39:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RFVyOVlObk8xUTBuSko1&google_gid=CAESEBBidZYy4d_K1yhFdlTTy9I&google_cver=1&google_push=ATf1kGM0kG9CrAJ6T7lsQhWNV6HDnQ5TAQE0yw6n2XKcuIxNvx3WFs578FZK6NuEcbZ-qXaZesiiofHCqaCj1BX_uPQYpVNx0WInSd3SLwbEJZXdwkiDy_euZUyx2bTlQNN_n3BqLtd8I7jigMUwXossM9BwF6Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F71
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOrfY6gNLz_oxG43A2j4glo&google_push=ATf1kGOYlodvINBDm_IlTPbieNhx_N1v-fp_bHWuswF9OLcMuhroouIUn1...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOrfY6gNLz_oxG43A2j4glo&google_push=ATf1kGOYlodvINBDm_IlTPbieNhx_N1v-fp_bHWuswF9OLcMuhroouIUn1cuTTG0YUrW-xQW4SXLM0MQrnk09VcS8oaL1pzFU_izZTcCiInxeIaSAAOTdSCgPnUBiAKInt817VWXwvOl0Jh-zU9hfuwEV4Td9-k

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21057-AMS
pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684593551.342246,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOrfY6gNLz_oxG43A2j4glo&google_push=ATf1kGOYlodvINBDm_IlTPbieNhx_N1v-fp_bHWuswF9OLcMuhroouIUn1cuTTG0YUrW-xQW4SXLM0MQrnk09VcS8oaL1pzFU_izZTcCiInxeIaSAAOTdSCgPnUBiAKInt817VWXwvOl0Jh-zU9hfuwEV4Td9-k
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5F71 70 B
264 B 39ms
36ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFmTEjQ5aSFEOvM0YSyrbyc&google_cver=1&google_push=ATf1kGN6dTz6yiMWDhlMz2Vhf1ldITbMOQ1tpl15sxl6Uye4DYFrH1M-H8H4oDwJTZr39UbFw5HzSxU9z_UK_-VH_Tz31NBQOJGT3AQ5SNnMP5TtHIUhoNZNW3e4YqBvM8WdB_uaYugZbS6kvcLZLynCQL0Zk4k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5F71 43 B
362 B 31ms
29ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEKug_KA62T4kr2lxnx74ydw&google_cver=1&google_push=ATf1kGMlyyjZlQfTeNShpuEAvxhc8ayWn6EHA1C2sudhh6BB3RHZAxn9tfGLOG2n6s2V2UGKawja7qkrViiRCdarXlC-FCOPqxQHYFRNQ-Wb7_YMw6sUOhqKo2n3t6dAEassqiaTFSj4czsR_gLB5oDJXEYe4b0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 288168
expires: Sat, 20 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F71
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMGIG49i4J2Rgd_cQF-Z9bAIgVTr96KuA3nPvarf2VaafGJMKnSAjjT5iA-fuOaDVk7P1kTQJDCw0u5mfGDAR4HSnWYlPVsuoO7qgGazsEAgsfSnczlIeqlApA-cbItsUxbBGe_kT_qwW9vu6IGO8J2gQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oMVTB5IiTkCxgna7xtOyQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMGIG49i4J2Rgd_cQF-Z9bAIgVTr96KuA3nPvarf2VaafGJMKnSAjjT5iA-fuOaDVk7P1kTQJDCw0u5mfGDAR4HSnWYlPVsuoO7qgGazsEAgsfSnczlIeqlApA-cbItsUxbBGe_kT_qwW9vu6IGO8J2gQ
date: Sat, 20 May 2023 14:39:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F71
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN7qX3e3ygjf8J4taDIPS8Q&google_cver=1&google_push=ATf1kGN-txUQNRkt6tmotdBFRKOp0lMHxwGY1RllXtIIyOmySe9djJDqDeZ3xbDYTFoKcYTlElAPPnw9TUCT...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN-txUQNRkt6tmotdBFRKOp0lMHxwGY1RllXtIIyOmySe9djJDqDeZ3xbDYTFoKcYTlElAPPnw9TUCTEYK6IJuX-tiUxJUKEFgXFEVkyE9ZFha8p-H4...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN-txUQNRkt6tmotdBFRKOp0lMHxwGY1RllXtIIyOmySe9djJDqDeZ3xbDYTFoKcYTlElAPPnw9TUCTEYK6IJuX-tiUxJUKEFgXFEVkyE9ZFha8p-H4E6SncxJGa-jEuREUlBopyqD7qII0QeOa6RE5o8I

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN-txUQNRkt6tmotdBFRKOp0lMHxwGY1RllXtIIyOmySe9djJDqDeZ3xbDYTFoKcYTlElAPPnw9TUCTEYK6IJuX-tiUxJUKEFgXFEVkyE9ZFha8p-H4E6SncxJGa-jEuREUlBopyqD7qII0QeOa6RE5o8I
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F71
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECasFGM9_irasGTQGkMJVT8&google_cver=1&google_push=ATf1kGNuYF5J1tQZkmQdsvAZt-WJFblrRc0E6OXatXzkGnizQKmbGVU3lhZdbWaiJU...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNuYF5J1tQZkmQdsvAZt-WJFblrRc0E6OXatXzkGnizQKmbGVU3lhZdbWaiJUFHV00rGtqAg7LoMq1dfci6f7aF9xtGI9-TLDvBoNnrXLvAgG...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNuYF5J1tQZkmQdsvAZt-WJFblrRc0E6OXatXzkGnizQKmbGVU3lhZdbWaiJUFHV00rGtqAg7LoMq1dfci6f7aF9xtGI9-TLDvBoNnrXLvAgGXMLB2NfAuGZw0ls7roNyOJAZOu3XxGLDMGJ6ZGWNe8P7a-&google_hm=LXhQ44W-Qm2zejtxO_vdxxM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNuYF5J1tQZkmQdsvAZt-WJFblrRc0E6OXatXzkGnizQKmbGVU3lhZdbWaiJUFHV00rGtqAg7LoMq1dfci6f7aF9xtGI9-TLDvBoNnrXLvAgGXMLB2NfAuGZw0ls7roNyOJAZOu3XxGLDMGJ6ZGWNe8P7a-&google_hm=LXhQ44W-Qm2zejtxO_vdxxM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F71 0
12 B 34ms
32ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7iQ_RzqyEBXTPMU-g8m7-p9n_9OdeHzxU2-aqHxHa6c6mDR1rp_CoFIAv7UYRVNOPrIm7Ow

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FC1D 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvL4-jttoZMnvG4b8igPynZ7gA9Tur8Nw4Kqn2tQR__jR05MOEAEgk5jgd2CRhICA_BegAeCT9O4DyAEBqQKu7hCg_eC0PqgDAcgDwwSqBMUBT9CPRtfoLAGtLEGA0GRIGMIP8SJ0sb7lRHCEonodmXEJ4ADWgpPakQ4Khksyc8iN1IbaS410k9idVaf0GH1Ler2MnjZHLf0ZB4GYgH47raJIWsMfnOybSgdVj7hA4b4tteVfpuOpuj6M2BUyWXlhqybcrZgj0ysoXtJkbGCxaVwxDmJuZRBGB0BZ4EBEQfSnJ_x-M8RPGzir5aQkhvfOyGmP3NSKdGSZnJO1dwVncWZRBhVmUzxgVF30tlwyiEZxQsFLQSTABL-5qcSsBJIFBAgEGAGSBQQIBRgEoAZmgAfe8-J5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQj6sK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi03NzMxMzU2MjI3MzEwOTMwGAA&sigh=TEZoNIkF1N0&uach_m=[UACH]&cid=CAQSKQBygQiDhxh3hUhjyNi0M4b3nplOq6l02c-yD71URVtoRiU9H8Es-bNkGAE&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
expires: Sat, 20 May 2023 14:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAKIQAAAJqZGWFAMAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAOIQAAAACgmbk_MAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAEIQAAAM7MjGpAMAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAPIQAAAACQmbk_MAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAFIQAAAM7MrGpAMAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame F82F 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAUIQAAAABwyvJAMAQKDRAVIQAAAAAAACxAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAJqZcXJAMAQSGkNNbnVxWUdRaFA4Q0ZRYS1ZZ29kOG80SFBBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F82F 14 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af39ed4eac231fb2a93f42b83bdc9e1401d5be0cb3956dc5297d521f0fad48b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10967
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 71ms
70ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

019fa08b431aaf79c09be29c3822bada14029d768dfb10457f0a8f56530b319a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11143
x-xss-protection: 0

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 99D9 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238073&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684593550340&bpp=1&bdt=807&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=6212190396527&frm=24&ife=1&pv=1&ga_vid=2066930219.1684593550&ga_sid=1684593550&ga_hid=1593280496&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074545%2C31074690%2C44788441%2C44789923&oid=2&pvsid=2715083786127788&tmod=868268521&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.3xej3k3otta7&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:01:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F82F 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 May 2023 14:39:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 May 2023 14:39:11 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 49E6 87 KB
28 KB 79ms
26ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 May 2023 14:39:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FEA4 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 13:05:11 GMT
expires: Sun, 19 May 2024 13:05:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6552 783 B
535 B 31ms
31ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a19c33a4b36b8e4a222267fde116a10a50c6d913ff7002bb2ee9399e16b4212

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gy2wVEd_ZsHjJSNfOfyDZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Gy2wVEd_ZsHjJSNfOfyDZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
expires: Sat, 20 May 2023 14:39:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D650 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 13:05:11 GMT
expires: Sun, 19 May 2024 13:05:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EC0 783 B
535 B 30ms
30ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b51a1d6ef06c838df6607d73401ced68dd2be1e3a43f60cab49a0bc5f5e21b70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VAY7Osfrbb3Ng2OXqLXrXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-VAY7Osfrbb3Ng2OXqLXrXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:11 GMT
expires: Sat, 20 May 2023 14:39:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame FEA4 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:01:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6552 0
0 54ms
54ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2715083786127788&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49E6 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfzUtDEidFV623YxsuED8GpkhOufa5sdxBfoj20xMoupMtQQ8Pa138a3Xl4d-VGK4j7OvOcUKw2t8c4LsutG8ffZvLvXDPgV47lexmM17MfR6G8hoq&sig=Cg0ArKJSzFSFnboxZtdCEAE&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2936496661&rs=4&la=0&cr=0&vs=4&r=v&rst=1684593550308&rpt=319&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EC0 0
0 54ms
54ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=1589405507026396&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame D650 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:01:10 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8D00 15 KB
6 KB 50ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shoot-yalla.to

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:39:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 532413
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 49E6 87 KB
28 KB 94ms
47ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 May 2023 14:39:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8D00
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=shoot-yalla.to&sn=ChromeSyncframe&so=0&topUrl=shoot-yalla.to&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Zcl463xPRERyVkc5Z1huR0Z2OGkvU1drS0QrRmVoRW02R1BDbWhpZ2FoQ3R5d3NtYTZ5N3M4ZWxFU3Nrem1KcGw5THZJOWhWL044cTdVUW45emFvQXpIUWZDdFZla0xSeW93UTlLK1lLK2c5dm5oRUpKcVppK1lrR1Z3VD...

422 B
650 B

77ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Zcl463xPRERyVkc5Z1huR0Z2OGkvU1drS0QrRmVoRW02R1BDbWhpZ2FoQ3R5d3NtYTZ5N3M4ZWxFU3Nrem1KcGw5THZJOWhWL044cTdVUW45emFvQXpIUWZDdFZla0xSeW93UTlLK1lLK2c5dm5oRUpKcVppK1lrR1Z3VDd3VGsxaWp4YU5zWFhOQWNlMjNXRE1ZeklkS0swMUtZRUZJTXoveVZ6TmlXU0RkZjRsdDkvTlVzcmttMVowcTFST3RDeXJ0Q1RvMENzOWFxQm4vdm9WQVhWRlVEVi8xb3IvZ0U5aGV0ZDhwWGRFQVBXb2VVT0xsZVBaRGtlY3Y0cFQzMEd1Q015cjRXTStjei9tTEtJeW5BQlVyd3oxd2F2S3VSOE85cVZuZHVtVkkybmw4az18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

91bea6a1593330f37f83029a2986961e3f56b2af66b5a806ee7f3050f7cc2986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1418606
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Zcl463xPRERyVkc5Z1huR0Z2OGkvU1drS0QrRmVoRW02R1BDbWhpZ2FoQ3R5d3NtYTZ5N3M4ZWxFU3Nrem1KcGw5THZJOWhWL044cTdVUW45emFvQXpIUWZDdFZla0xSeW93UTlLK1lLK2c5dm5oRUpKcVppK1lrR1Z3VDd3VGsxaWp4YU5zWFhOQWNlMjNXRE1ZeklkS0swMUtZRUZJTXoveVZ6TmlXU0RkZjRsdDkvTlVzcmttMVowcTFST3RDeXJ0Q1RvMENzOWFxQm4vdm9WQVhWRlVEVi8xb3IvZ0U5aGV0ZDhwWGRFQVBXb2VVT0xsZVBaRGtlY3Y0cFQzMEd1Q015cjRXTStjei9tTEtJeW5BQlVyd3oxd2F2S3VSOE85cVZuZHVtVkkybmw4az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 309623
content-length: 0
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FEA4 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7UfyOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BFA 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzvohbpq6EUQvS_NSFFRnc49EEr2jzIk_uDLIuTlHFG_Rph8c8-xS7sQfyqhcwQKNgfEuGXAS9w1JVoNsAaaORWCwXtMudl7_XXlfArMy01Vm3yesn2dOxaUhJqqg9L4YERn-yLg&sai=AMfl-YRlng5wu1keYpo6Su6b9ErQKxC2AuX1xBKWEzxia7ie3e5oZC81sD4b4xVO8p42jtdJuf9OXp116i-y&sig=Cg0ArKJSzAdpI2-THyNnEAE&cid=CAQSGwBygQiDIX7yxUeBR-0Q6-bru0je4dZduhDv6xgB&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2350421022&rs=2&la=1&cr=0&vs=4&r=v&rst=1684593549757&rpt=994&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D650 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GWeviw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83A9 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEuYBNxIdlZgKWf3mX7y7vv3AQDjOZQ29M8UxO5iwWjV0IgtlM25cfsToNZt0LpILdSvXs5DixiaPjxT33JCAm1n8&sig=Cg0ArKJSzKjVG__UyBf0EAE&id=lidar2&mcvt=1000&p=0,0,318,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3191345388&rs=4&la=1&cr=0&vs=4&r=v&rst=1684593550450&rpt=438&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F82F 0
0 58ms
57ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2715083786127788&bg=!2dql2o7NAAZ8_aWmXP07ADkAdvg8WnSCMBBJtT2Lx9HGiVY4Uc5yWz3Mw8UXHS0MqY9U8a9XY1k2cFnBjYccUU_ECiRrYtUw09YCAAAApVIAAAADaAEHCgCssNoOqzF-FOwx65MR6HqY2mHXw093AwcvyHfsHCNbQ9lJqTstZnrjyc6JaUgtNTa1G0I_pGMcmKRvNr3NDyANsEwpwnFmRPsJG75n2ipCdJ8rKCRoQ-hnf7MCBNrh8N_r6B19s41tCDgHMMEwtKZaSVO30eB9K8g9IDQkIFi15viYe1_pgqELhd97hInBFbWrSOsLf8aRyYanT7lhcVeZJUAQ3dPLjm0U1BpHfZkCzD_uMfIcCj6ZYJGXS1CRabeW-fXZ9QkmPDIaLUGPajexEr8Il5uOEEvDQkxDuKtCgJE23ulp8zd6I58wR1_fy-WiExw3P7PniHP9z2ZMfg_HaAE7gU9j4m9e3FyAHTGjGo4zEamYzW0Xl3wE2EOP7N1WmmUWQBLN8PIGd-ehVQ5_xauvxo_Tnzdw4Mpw0IdaDRP4Y-F-ZOnKJO51eJJAea80it0i2xW29TCUQmFRD36NVNH65luwtWrCAgdmW96wYi2OLtp_NfXfYdYxLJeaTSlFgQbelCjqA9BEo3ktbZ49_8fvPtSImf9u_1Ra483PV2lg6jls1pKLR2nTDkQuliipajj94NVsDT5G0EAwt6g0vW34nxgs32RyqZA3K9TqKx1fKYDMtjhzkixZm7OXDGjN-BDDD-F4tBQlp1JoQuEMN9WoLoJLM0HyawbXKBOXs4hHzYVHQkIiwpFd-IWeRyIL8-CUYq0ZdwuVQt4t9dxF4hlj5v815IZiodMUI_4iYq4SnCroVAvVz4nI_ZExO7kk96mDDKOT7MIZqoLNkCL6KbbdLhvdga9u0y_apdrN2utcIijFxlGelqPt41M8P1VyWVVEJJ6DvMQQJSA2axzsG83kkWyL3vwruUv1cNan5UwaCpiUXVqOtBmLlvrAmToE_hHBR78cLXgR8lnbmcIgV2MXHv4xiG28gOeMmpkaNuuAszd-VB4eEwHR8-Ak4_H7boCErHOFHfAnxQb7CSJL2YLNlfZuWDZ89E-ou6Wu9TQ6BTtoaL-vsBxy0mwqQo_c408NSQkSnaBEbLexBVSptv8XUwcgQ0cSjUagjsrdhYPCSR6T7zEeRmN-cjVFOK02UcfnpoYOB9pEmW-7KaJ3XzgIwaEzwaLX6BHB6SbUHvU60xKMCY-ms5_1JKYxfPkL6zlAgrBfkWo7-oDv9FSXwk6KuVKxmum-xfmc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=1589405507026396&bg=!SkmlSR3NAAZ8_aWmXP07ADkAdvg8WhDaSfYuWH4lRPDx3aqLJQZlKIMQcR9WmAA3Ybw383ovo6I9Ke0Uyh7WDt7qurSXpTNH630CAAAAkFIAAAAFaAEHmQKr5pkqw1zOqGN523t-bALYhWp5Q21gNwujdG4XvHDsu578yEPKXN9mlFwuko6-uGSTw0cyq3j2GkonoAg5_KB9KKv8geGQjqt-73W2LMydaf2wKDJQwP7Qt-cNsrfipOG5QL3OnR3n15k7vNcd7dHcLIWVR4pe4WgwcGqjJlXYtdfu1th8ePO5AZMczAgcnaihyqLFi-l1NbT0XQO9lIqTKLG0c871lC6q3KNKxQb29l9XsI4U7IwVCHkCDwchQRYm6rkng4ZQdkCH4USSjL5NuJ93CUF27jt1DFMepppNKpYO9Ibrbio5pLxU196C4L3sld1iXI1dmHw-I7M9azQiv-ux_-1M9GdSHwfYgilhrxVQ8LAylfuQAvVuVAUx9F6QjaJ6g8-mSpsBHYYrSl6As1NgMA_VWmzy_BtzBEnkf-v20b-agZ38vicaIW3oxjiWmH4XEQznkXnW_kbXCKu6nXZLi3DLXNV21Q3kBP7CvHehHR2odPCHVUa4n1q0_BAmw9QKx5fGAubZgkd_XwRpBKAmGrfYowpkplVcFOEIpZj46ROhXWOjIHSiyumEryuDz_1UCrJtl-xNGO3m_Daob8VfiUP1-3RpGz2avakw_62tuqzI0P-cw0SAL7Le3mmJMDEyT8KwNW5b3fcMH5LdGylukxwrkBZNnaFpLuVcRQ3wvAINi5uLeE7hY7wyx3j6GEF072oA9b7L06Wz-I-Yzo1jzAOVqOxYqmKDGZ6vpG1vNc64cp0EJt54KLRnptrCbec59P9btlXFQ-zH36BEKRShyd0dGUqKSUcoaJm-P27n2CBFESZ4N0IBLmLflbGksVtYcKtKM4D5i-3HQbLROV4lu9ZlJiB_BVceWF1oRPbw-Kxrp2Wj-a-hDSIBdKzrutI0dGHD1f3wjmc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC1D 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-G7B3gLMXZNPitMDcLREIl4gr-o-u0uT9JOSKuynY8Hl7xboqs-K3JVhepkBJrjReP78JZaVDH5_UACLUSdE0INpq8p3MxyKHRzBSUsvWn7UdSb2SVX30Q_VupFC-csOKPCjsGg&sai=AMfl-YQpzTkxuRlBskuAOqfhBWRWJdoIoVvn11ybdPSEZZjQyVLDM1AxvtcSYco3E06KtKbqGMWf7skGzTao0_xAJ6QzxMMKG3WAINM&sig=Cg0ArKJSzAl6CwhKjvaJEAE&cid=CAQSKQBygQiDhxh3hUhjyNi0M4b3nplOq6l02c-yD71URVtoRiU9H8Es-bNkGAE&id=lidar2&mcvt=1000&p=0,0,248,620&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2310436509&rs=2&la=0&cr=0&vs=4&r=v&rst=1684593551129&rpt=296&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 14:39:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 386 B
163 B 543ms
543ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1589405507026396&correlator=1687367193780350&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=5&adks=628812789&didk=2068488282&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie=ID%3D35a668f3584075ca%3AT%3D1684593549%3ART%3D1684593549%3AS%3DALNI_MYWKy8VvwSGPZ3SsZvNpKF023PmHA&gpic=UID%3D00000c1b0438a99f%3AT%3D1684593549%3ART%3D1684593549%3AS%3DALNI_Mb9VKVjUEqrAbrDEHqHqkDUhYV8_A&abxe=1&dt=1684593553214&lmt=1684593497&dlt=1684593549010&idt=492&adxs=436&adys=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=728&psts=ABHeCvgWe6Rnuevw-_MUYooPi7qWDXu2VAuu_jqVCWk0Zz9OnSUaaVszLSwf2m067VvT3XOKi5V4kTxxf2aVCcxZcVYFWfuYMe04_NM&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e536eb5a52c7d23463a0f7284af5e97f85655350613b3a385512e4ed282dbe84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 49E6 0
38 B 23ms
22ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
224 B 21ms
20ms XHR
text/plain 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/qtNU0/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://shoot-yalla.to
Date: Sat, 20 May 2023 14:39:13 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 386 B
162 B 370ms
370ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1589405507026396&correlator=1025349143505903&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=6&adks=3655774581&didk=149588456&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie=ID%3D35a668f3584075ca%3AT%3D1684593549%3ART%3D1684593549%3AS%3DALNI_MYWKy8VvwSGPZ3SsZvNpKF023PmHA&gpic=UID%3D00000c1b0438a99f%3AT%3D1684593549%3ART%3D1684593549%3AS%3DALNI_Mb9VKVjUEqrAbrDEHqHqkDUhYV8_A&abxe=1&dt=1684593555270&lmt=1684593497&dlt=1684593549010&idt=492&adxs=436&adys=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=644&ohw=728&psts=ABHeCvgWe6Rnuevw-_MUYooPi7qWDXu2VAuu_jqVCWk0Zz9OnSUaaVszLSwf2m067VvT3XOKi5V4kTxxf2aVCcxZcVYFWfuYMe04_NM%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1025398253.1684593549&ga_sid=1684593550&ga_hid=566771154&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

addc86b33d0de63c693f5d4f0a5dedc51e32da3d8f5aa77de8f840d37b313b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shoot-yalla.to
URL: https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shoot-yalla.to/	1970-01-20 21:32:33	Name: _ga_42B0FRBVLM Value: GS1.1.1684593549.1.0.1684593549.0.0.0
.shoot-yalla.to/	1970-01-20 21:32:33	Name: _ga Value: GA1.2.1025398253.1684593549
.shoot-yalla.to/	1970-01-20 11:57:59	Name: _gid Value: GA1.2.1251982989.1684593549
.shoot-yalla.to/	1970-01-20 11:56:33	Name: _gat_gtag_UA_153122498_1 Value: 1
shoot-yalla.to/	1970-01-20 12:39:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.shoot-yalla.to/	1970-01-20 20:42:09	Name: _pubcid Value: d594c8ad-74c2-4b18-aa71-64afb90d5800
.shoot-yalla.to/	1970-01-20 21:18:09	Name: __gads Value: ID=35a668f3584075ca:T=1684593549:RT=1684593549:S=ALNI_MYWKy8VvwSGPZ3SsZvNpKF023PmHA
.shoot-yalla.to/	1970-01-20 21:18:09	Name: __gpi Value: UID=00000c1b0438a99f:T=1684593549:RT=1684593549:S=ALNI_Mb9VKVjUEqrAbrDEHqHqkDUhYV8_A
.doubleclick.net/	1970-01-20 21:18:09	Name: IDE Value: AHWqTUlBR27YPIZtWsa1WDG_YDVXhSa6-HemrZDMyFtNEGC0w5EASSgUh4aRRttYJO0
.simpli.fi/	1970-01-20 20:43:35	Name: suid Value: 3109CBDCACBF458E8513B03F59F2ECE5
.ctnsnet.com/	1970-01-20 20:42:09	Name: gid_CAESEBiBcYsJQ0u0zLhceTK-piI Value: 1
.turn.com/	1970-01-20 16:15:45	Name: uid Value: 7097226670412899469
.pubmatic.com/	1970-01-20 11:57:59	Name: KTPCACOOKIE Value: YES
.doubleclick.net/	1970-01-20 11:56:37	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 20:42:09	Name: KADUSERCOOKIE Value: A0C55307-9222-4E40-B182-76BBC6D3B242
.innovid.com/	1970-01-20 14:06:09	Name: uuid Value: 37826950-1a8c-4b9d-a90d-30ef3d574a62-20230520 10:39:11
.ctnsnet.com/	1970-01-20 20:42:09	Name: cid Value: 2d7850e385be426db37a3b713bfbddc7
.ctnsnet.com/	1970-01-20 20:42:09	Name: gid_CAESECasFGM9_irasGTQGkMJVT8 Value: 1
.w55c.net/	1970-01-20 21:28:14	Name: wfivefivec Value: DUr9YNnO1Q0nJJ5
.w55c.net/	1970-01-20 12:39:45	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 20:42:09	Name: everest_g_v2 Value: g_surferid~ZGjbjwALc6svaAA9
.criteo.com/	1970-01-20 21:18:09	Name: uid Value: ba988723-7ebd-4c8a-8250-e7f006977cae
.shoot-yalla.to/	1970-01-20 21:18:09	Name: cto_bundle Value: 2HEvvl9HVXVHT2VZeTlYSGRnR091YTZzaUEwb1BZOVRYVkkzVUp3RUFBNkJXQmk4Y0hNek10MXpMdEpIZ3NJMlRtdHpZb1V5ek1IUDRxNWtwbGJNZloxalIlMkJUcWJaY3ZBeW9ocGw3dmV3NjNCV214V21tQlk2JTJCdUUySnZSM2NxdGZHYjI2TzhFdXA3SEhxeiUyRjBkQU1TTktaRWclM0QlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://shoot-yalla.to/(Line 1248) Message: <link rel=preload> must have a valid `as` value
javascript	error	URL: http://shoot-yalla.to/ Message: Access to font at 'https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf' from origin 'http://shoot-yalla.to' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03909ac7214a0f8bf5a796eb74097f19.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
adipolo.com
adservice.google.com
adservice.google.nl
ag.innovid.com
ap.lijit.com
bidder.criteo.com
cat.fr3.eu.criteo.com
cdn.jsdelivr.net
cm.g.doubleclick.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
gum.criteo.com
image6.pubmatic.com
imageproxy.eu.criteo.net
ius.ctnsnet.com
jscdn.greeter.me
match.adsrvr.org
mediation.magnetssp.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.adtelligent.com
player.aplhb.adipolo.com
pm.w55c.net
r.turn.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
script.4dex.io
securepubads.g.doubleclick.net
shoot-yalla.to
static.criteo.net
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
web-api.scorarab.com
wrappers.geoedge.be
www.boomplaygames.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
shoot-yalla.to
13.32.99.38
142.250.185.162
143.204.68.51
151.101.1.108
151.101.194.49
172.67.141.250
178.250.1.11
178.250.7.11
178.250.7.9
185.239.173.66
185.64.190.78
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.10
216.52.2.6
2600:9000:2240:400:2:d490:4d80:93a1
2606:4700:20::ac43:4bf1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a02:2638:3::10
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::c
2a04:4e42:600::485
2a05:d01c:1d8:8102:fd0c:1957:83f2:b026
2a06:98c1:3121::3
3.124.43.147
35.186.193.173
35.204.158.49
45.133.44.4
51.75.86.98
52.223.40.198
019fa08b431aaf79c09be29c3822bada14029d768dfb10457f0a8f56530b319a
04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013
0aa012da0bfcaa80d5e8683e1acb4af0858b2c968eb4645fbccd2db47cb25734
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0c7052bc55f0bb13f31f5720fd8a772e06caa9437fc7dc360071152cd0a63336
0d8f097b0126cc8db0c39f4fcc805f1456d5df20f7535e1628b1f0aaf0339a7a
0d9b173e40c491f43748fd4e7f738bcf5c9f807224d56bdd1729e4b611d9f6ff
0e86d606bad0030278799ccaaffbb18fc288fc473369c9a32667ec151f3d4706
136a8745aa5e94cb6a43e34db19a6f30ef2d0d185ddf21e4c4572b16d5f17f92
1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b
14c5028b5275feb8dbb123db86c5991e5c98b67390ddd8a752eddf42822f0173
15dc76f7ac6f5ebfeb79889224b4071bc63713964fe5c56e83b7c4d4d4800b93
160b1af6e3329dbe33f5935f028ae382840fe4dee29c016a6b6f47f0b22ff41f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
1fee2a53c22eee5dbc27c6a32267a0f2230a74d668c72261c76b04f40545af16
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
24b88da02687f5436ca46111be2e264021130e660393d15449d273b24823de8e
2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2b5e514ddf435d4cb0a3a0fe4a150353871e3ee33d18158f1ac72efa3ac75aa0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36a9974ed04c06c2ed75046689c7cb4c14d6e13f6e300112446ca9febbb04f
2eddd85223d77f04ded4faf0ba791f164dd516b170b357c8064987382e0ebc56
2f709b181443c502413f6334c6c901a54e0732bd9d807eab2ad87b843baf5270
3011a7d71e7124007ebb0d7bb4918b3da48d2d0e2a09f4a4ba53c5fc561b3fbb
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
314ab273b05c7814cdef93126a2e497d0a0acc31d74cbcf426f50274a25cb0b8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35ad92bb2e47d63ce3250b038f2c017eacfb824a3dd8def98d2c4df41bdfa82d
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
39fde244679bd9a24777dc6fce8ea8b32b86b15521ff1c3d170ebeb999fb099b
3cdd6e7372d5a6f08bbbc62690bd5600c40eacc5d859bd75dabf2272bc2bef43
41396bfe0a420dfd71639b33e05f526432dc171561d084c52b304ed1bbf7cf54
442f9c8c350b9f1bc4ac9c52b07be2e41e9c44ea137f63536ad7cb7fec9a53e5
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
46177cd2f07246fba079770c4f3f98616a0ccbb77342a27f9a6b28d014fd9ec9
46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
504b929085c2089f382ab1f3a25345df29ba3e2496bb2300b142862d12718ef0
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
5239c90a77c7216ec8a627a19e04b79453d6a66243ee8643e4588835f7414f46
53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0
553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5994c55207d005fd83ddefe1120d13e65bc58cd54cdb13ebe55508b299b23bb5
5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7375bd806cac2324392b211707066ddc00d31d23ad5473a98d3f204ab58363
5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a
60920e71903ffbb146e99b7d2832be20ed85c00b8a733a8657bdcef318c79680
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
61a4f40c1ffaff58a0ee0520bb455f836539b781e152d5797a93c4c6aa57fc3a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5
6e3eec785c1a54f5eafd1a43568569258b0721018e6da3efe45317a49b2757e4
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
708dcb948349f6ad1a6166489524f1fa263ab0b9c0ab72acf193f40ae2cf77a5
714e12f6093f5ffbf0c50cfb2051c9c85b86e0bde08696b8d7763881da70dd85
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
7552d23333cc01dde25fda805b32d299e31e010d5d416d582c99035a0f98b1b2
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a19c33a4b36b8e4a222267fde116a10a50c6d913ff7002bb2ee9399e16b4212
7a2666d49e3217edc365cfd57f00673ffb2b9e3752d418b3ddae54a5006ca82c
7aa19965303ac1c9e92c72842cf74e59d5d0a6096997e309de5c31a8f9d5f906
7d831e121563f442bb2f84909f710a0c9cc68a17ea5a9ab8abb31dec500e7dd4
7df4cb45e2a46b173647a88e91fb054cd872c67961618c893741387cd562c311
817504c104c8071a04f168dcc245705cb9641f44d97b2692ae5abe5e011c02e4
820c054ed0b919e5cd721ba3936a3346b267fd390dc2721836ea11b8692f76af
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8339bf8d365814822ce69418155ca46945c901201a05f210de3b2a96ab3e9460
835d372a47516563e001eb1e3b4098410f30a0e48b4e02f61c285d97d4e06d57
89d45697bb893eda89b558f45671f79d90d700fbfdbc48bef7d2416bb706b645
8a752f1ac375198e04165d444151bbbfdff383b50569192acebc2bf4a43bc6b0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6bc8f197e35eed1fdc944a3252d6e16a85e1b929ea958cd5bfb368ae5cc772
914b6adec04073c5088eb4efae9c32e937a9679af704705006efad5b89a1cee3
91bea6a1593330f37f83029a2986961e3f56b2af66b5a806ee7f3050f7cc2986
9379d780b6b76f5e73c94b233bfd6de2fb25a0fe1c30271d312442bd5db96a7d
95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9
96a429ac33cfcfc2d103117a108fac0985c3918c32e9043ef346858700e9671f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c314b09bcbde2f9381e243d4d9ead0f61ccfb46e1e2a3450e3a2c98d076d8f2
9c3b2fc22525656053045a72e83f5b6f2d063968a23878c2d311bd78cbaa6177
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a2cd0832a50fb1f4543916df4a400e19ef5a2fd65d25b3b60de2a9cc13aa5399
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a8f874c068827b539177d9175c1d6fa6ddb288557fff3f7f6d6b9a7149b8942d
a992a00b7b34c3631f86ebb382a7a1df3be1fc30b2ff3d6fc16d2f7629563b8a
abf64955787e03ed89fea96b5b726096b5ca6bb1252d6fbbdb2bf8f0880d888d
aca3698b958fd7285f9473d0ed6dccc0d589ea39b36532ff70475502b5db470b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
addc86b33d0de63c693f5d4f0a5dedc51e32da3d8f5aa77de8f840d37b313b65
af39ed4eac231fb2a93f42b83bdc9e1401d5be0cb3956dc5297d521f0fad48b1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b24b97eba7a64f23317020f937bf3852cf87bc699bca89c65df2893773654d7f
b51a1d6ef06c838df6607d73401ced68dd2be1e3a43f60cab49a0bc5f5e21b70
b6c2098e801ad734931dd2a8e7249eb0c03d8e4059efcf635cc1dc9e5de48e93
b87b79377d8131052c123fa943bb3322a8bdfeb5a25badd0614c6e289f865c73
b91e8c3cec36f126517393639b358f48f77d59685ab49e144508d27a83539499
b96e5b09e3d065156f688f56a6cc3a68ccc93a2fc99c503d86a1c5d137fccdce
bc93536ecc5ad8264afcabff4622f1e17032476dd019b77149c54a37f79d37c8
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
bfeee43dd59cd2b8551540d10d93d443a6def52cec6cce73892b90a7aea207b6
c153e48c932bf3d64e13de12214b0d50cb696afc17ff8a8e4e8f65763c66f264
c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53
c4ff14be65129244029a5cf4926e3428f3fc0103d937d1e90aa51ae7d477fe14
c73e32112ded71759b5985f0025184e985ff1562d994458b37b93452ec1b6e9e
c9be495c6f46ed16531bd0a7b676c94b65117f19fa29b3d95e871e36c880ed0f
d0fbc8a5a8751837b5974c0ff530b06594f6bfc33091bf3ec4ec42bde94931fb
d4eb0c6cf14d3afb9d16bfb57e9e248c5568aca1b979835337c3f1bd540c82af
d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da59fa800c5c75fe3f9a7c2d6efba7440864bed5212d726acd5878471c940721
dad8ae9ca982fb116a8dcbef8c54452136868e32878268c4d138064faca9cdc5
dae9fd33d9e3001a615835522f0b662db30b16fc7eed0d41752d66b9c4c6392c
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
db9725a00f53ca2f3a4140f8cfda2bf9e4dfb7118d1dcf68306fb778469ed729
dcd83f868aa0c709c703e1987838d34bac9d4e74a20ef11b6b4996ecd16b7f98
dd6b6ff35ef1765774888b1d61aab8bdcde0ea8519e17eb76f214414b7f76262
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de120dcc4865233ee40c06dcaa8074d43f63ac77dcb9c8d66aeb30bf0d49f340
e012a6033cdb032f733bbcaf318457cc2f4514b6461b7e7c97dd1d37c1f93b90
e06c7d4cdd3fd5561271eb899062a7f4e2f590ec769512d57981ca3afbdcd4f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e536eb5a52c7d23463a0f7284af5e97f85655350613b3a385512e4ed282dbe84
e649b35544088098b1377693fd69e8ce8ab1fe3b34f67c45f020bfd14620f6ce
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e91f7c9100b29e970256e971ffe5550b966759fd7d56654b3f1565c4f64e9ee6
eb5de2d9da94a7ae9e21db3f68810c77fa2308dbb8c5c737d8407bb88dbf73dd
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01e3bb73a3658237d8fb499f30bb744e795531bdace4f58bfee17be6bb7f78e
f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c
f1655638a65cd1e95ec146443ddc503e00352f0e6c7d8b04399920a916ccff0e
f2f981cd0c42bb4a1b60734d0d38d3e0cbbc63252b92a7b93427c85d9fbbbfb9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8496f53bbbeafebdcdb4b739c214ff0d9e03af1ba343aa5b0fca4f0d92286ea
f8cf399463d383295b06f1e067b78a179cf882f1b8345a7757187c6b61e6132d
fa602dbac3c6503fbbb0f38c49a084f016960090e03b8c6e158c7f77a667198d
fd368903b585b77c5adcb3141a978bc46a80078149b0f4697b11bfbb1710987a
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
fff10903116ccbaa3eb3c2111170db8a657c17fe0f2ae753532f04c417ea7959

shoot-yalla.to Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

262 Requests

93 %HTTPS

56 %IPv6

33 Domains

49 Subdomains

44 IPs

5 Countries

3559 kBTransfer

8574 kBSize

23 Cookies

6 Outgoing links

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shoot-yalla.to Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

93 %
HTTPS

56 %
IPv6

33
Domains

49
Subdomains

44
IPs

5
Countries

3559 kB
Transfer

8574 kB
Size

23
Cookies

262 HTTP transactions
12 data transactions