cu9.yalla-shoot-new.com Open in urlscan Pro
2606:4700:3031::6815:6032 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cu9.yalla-shoot-new.com/
Submission: On February 20 via api (February 20th 2024, 10:42:04 am UTC) from US — Scanned from US

Summary HTTP 136 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 14 domains to perform 136 HTTP transactions. The main IP is 2606:4700:3031::6815:6032, located in United States and belongs to CLOUDFLARENET, US. The main domain is cu9.yalla-shoot-new.com.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.

This is the only time cu9.yalla-shoot-new.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3031::6815:6032	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
6	2606:4700:20:... 2606:4700:20::ac43:4870	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
1 11	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
27	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2006	15169 (GOOGLE) (GOOGLE)
9 12	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
4	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
136	20

2 2606:4700:3031::6815:6032 (United States)

ASN13335 (CLOUDFLARENET, US)

cu9.yalla-shoot-new.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4870 (United States)

ASN13335 (CLOUDFLARENET, US)

imgs.ysscores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80e::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.40.162 (Queens, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (San Francisco, United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.160.75 (New York, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	885 KB
28	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 113 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149	201 KB
15	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 59 blogger.googleusercontent.com — Cisco Umbrella Rank: 11252	255 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	8 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	10 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	1 MB
6	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
6	ysscores.com imgs.ysscores.com — Cisco Umbrella Rank: 173237	88 KB
4	statically.io cdn.statically.io — Cisco Umbrella Rank: 8351	137 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 48	33 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	yalla-shoot-new.com cu9.yalla-shoot-new.com	46 KB
136	14

	Domain	Requested by
33	pagead2.googlesyndication.com	cu9.yalla-shoot-new.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net cu9.yalla-shoot-new.com tpc.googlesyndication.com pagead2.googlesyndication.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com cu9.yalla-shoot-new.com
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
9	lh3.googleusercontent.com	cu9.yalla-shoot-new.com
7	s0.2mdn.net	googleads.g.doubleclick.net cu9.yalla-shoot-new.com s0.2mdn.net
6	blogger.googleusercontent.com
6	imgs.ysscores.com	cu9.yalla-shoot-new.com
4	ad.doubleclick.net	cu9.yalla-shoot-new.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	cdn.statically.io	cu9.yalla-shoot-new.com
2	www.googleadservices.com	cu9.yalla-shoot-new.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	cu9.yalla-shoot-new.com tpc.googlesyndication.com
2	www.google-analytics.com	cu9.yalla-shoot-new.com www.google-analytics.com
2	cu9.yalla-shoot-new.com	ajax.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	cu9.yalla-shoot-new.com
136	21

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
yalla-shoot-new.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
statically.io GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-26` - `2024-09-26`	a year	crt.sh
ysscores.com GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://cu9.yalla-shoot-new.com/
Frame ID: ACFE114C5F194FA094AFEF33F031F96E
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 43F4641A56A17601770B86214B85A42E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3980218845900927&output=html&h=280&slotname=2433590406&adk=2097946291&adf=2782433453&pi=t.ma~as.2433590406&w=1140&fwrn=4&fwrnh=100&lmt=1708418709&rafmt=1&format=1140x280&url=https%3A%2F%2Fcu9.yalla-shoot-new.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708425719894&bpp=6&bdt=405&idt=265&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&correlator=6185533717689&frm=20&pv=2&ga_vid=1918593651.1708425720&ga_sid=1708425720&ga_hid=58841166&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081140%2C31081221%2C95324581%2C95325069%2C31081078%2C95322182%2C95320869%2C95324154%2C95324160%2C95325077&oid=2&pvsid=2837033585240763&tmod=2029326761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: ACABD4B7310A5C9F698E60549225874E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3980218845900927&output=html&adk=1812271804&adf=3025194257&lmt=1708418709&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fcu9.yalla-shoot-new.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708425719944&bpp=2&bdt=454&idt=251&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&nras=1&correlator=6185533717689&frm=20&pv=1&ga_vid=1918593651.1708425720&ga_sid=1708425720&ga_hid=58841166&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081140%2C31081221%2C95324581%2C95325069%2C31081078%2C95322182%2C95320869%2C95324154%2C95324160%2C95325077&oid=2&pvsid=2837033585240763&tmod=2029326761&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Frame ID: A5E7C7F9D36B673B3A682A3BD403525E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6B1CE2F9355C1BC533AF20ECAEE11A50
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7BE0D118F030F1501F198692B55669A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 687228F220951D2F356785DBBF8D558D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 36185D2C2A635EEA281A0FEE928100B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNVIsHwyh_8q_H7JzgS5Mu2MjxXxaj5CBMx9-vdtI3RXlscd2S2nwPPjyx6x5WcDV42TMzRd40DlWGblrS9_bF1GDhuEXg
Frame ID: 28EA762376F78A036F0C6FC6A1EA15DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Frame ID: F5EB07AD8FDE9A5384F774D535937B82
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNXVIzwwlS4kO6hXMKLfERu7Opam38C2KsHh4WXae4dZXz_TfDHv3jIXk3l_dF7FOvpz4avTejieaLO9mUc4QovHI08ufg
Frame ID: C17FFF470D31E82067548B8C399F8058
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/14126489232411991967
Frame ID: 192F7DC369BFE352797D4C3ECD9DC601
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEYlfad4AEwAQ&v=APEucNUytMPDtjxHNs86Io9IyX_Zx5DtsDsUDRKYQMF9xmK189cElY3SleUdF_rACdfvTNgvIJN8pBboTLfmMBi1SAzEIyOwxg
Frame ID: FD2756E3AEEBCEA032561768A3F4CB10
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 2D0B0A0D8C50BED4AC22D29CE7445B45
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 5A958D56583A7732C7EB99CD76FF7EC3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C33DF58B2EB9F071F14346DC48567874
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ACCF75D7700CD7DE6277386752F48B42
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ABADB2643363527F0F76CC4D01D6919C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250
Frame ID: BBA3312B8FD151B8AA0585142D7C77F9
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 465535606788D714AA0ACCDE71F66826
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 48A307A543FF07D43BEEDA162DE2ED78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E31144937C14A0A2F8097AE7FCB96110
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DF06BBD3C0DB231A3FA2CEA03B297B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم جوال

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

90 %
HTTPS

74 %
IPv6

14
Domains

21
Subdomains

20
IPs

1
Countries

2905 kB
Transfer

5708 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/SiteYallaShootNew
Title: تيليجرام

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1gle9E8akOYojRalorfuc&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdSB.cAoJMAAAHijADec6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI21QzL7iC1rtCwEVMJ_nTY&google_cver=1

Request Chain 81

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdSB.cAoJMAAAHijADec6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMjIyNzkzMjUzODM1MTM1MA%3D%3D

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdSB.dHM790AAEoOAEtVHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D

Request Chain 100

https://googleads.g.doubleclick.net/pagead/adview?ai=CA-JT-IHUZYPrDuuooPMPs8KsqALruK3JdKjf_terEp64iLaDAxABIJiztHNgyYaAgNyjxBCgAaLp0JcqyAEJqAMByAPLBKoEpQJP0JiNmzyUyMPTDpcv55QkGKKJP6Zd3-VxoPsFCGhxNyQu_B63jlfVmLV0fcXyUF7_d6WOirRCBI35_6nYmSRmqtHySuZp_o2lvlN4GAwvcsXgX4XVkBIG4jIImG1g0LiRBpeBqqCn-L2z4RS_TigvjNG9AYlbiXmTO3JJPFHHIy1XjDgMEguQCFg8oNMP3rnguqhLZiDBOfR06xxywkcqLWFrFU4sXscBJpSKugcQyGuv7ubBtLT11O8d1zD-kJl50D-RPa5ow0xttGN-SAZPed7ksgaEjIILIFbHGAOnGtLFNeXUuShGZHJuq2OBZfMju8asMslWODwnAoXXbavVztiKJIvpFb1X8BA_q0CfHJVq74B1E3kqAz2Rp5XiTXo9k4rUB8AE6IzJtNAEiAXg6fy-TJIFBAgEGAGSBQQIBRgEoAYugAeioaH3BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEELjUKNIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOli1orjh3bmEA5oJKWh0dHBzOi8vd3d3LmZsb3JpZGFwc3ljaG90aGVyYXB5Z3JvdXAuY29tgAoByAsB2gwQCgoQwI-Dk_3xsvYIEgIBA7gT5APYEwvQFQGAFwGyFxwKGggAEhRwdWItMzk4MDIxODg0NTkwMDkyNxgA&sigh=tvC0PCRf20I&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_sIAj1-7Clv8YuTotVsfcvd-OnmEGL-fFbpzmh-F4OT4o8z3JZuf1tTRpaSpAFA908ax0uj7-kXuAcJxLhcYgOqJlVCf0AFLPK8QYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9c73e4e7a24b039e0000000000000000%22,%222%22:%220x27ebe476d016f0e50000000000000000%22,%223%22:%220x18bf9a08e6278e4d0000000000000000%22,%224%22:%220x8691256e439eb24b0000000000000000%22,%225%22:%220x50c952e9fe0f71500000000000000000%22},%22debug_key%22:%226029346750082102898%22,%22debug_reporting%22:true,%22destination%22:%22https://floridapsychotherapygroup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211323847842%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218269585726939819425%22}&andc=true

136 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cu9.yalla-shoot-new.com/ 161 KB
41 KB 264ms
158ms Document
text/html 2606:4700:3031::6815:6032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:6032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7721888cce4a8f749a55eb711591a5c24aa417f20e9e565b2db7b0dcfc0d3543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 858623e9eab6288c-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 10:41:59 GMT
expires: Tue, 20 Feb 2024 10:41:59 GMT
last-modified: Tue, 20 Feb 2024 08:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQVhq9Xp4OJWQoiqETvd%2Bv53A5gWGBP9QciIkcc8XQrpHLxwOk46Iadj6YDn51H09YCk2RphrzGqY8lZxLxu3DXtS6sl%2F1IVsF0w3PFoqz9cWAHpCpZ5VHIRm7FqImz3bQhfK8Ohj%2BP0UsZd%2F4mppJqAk7xBjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-robots-tag: all,noodp
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 249ms
115ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59e7d1dea63534ba89dad444bc9cc03f74651088eb0ea0fd8ddc22350c4fd68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51571
x-xss-protection: 0
server: cafe
etag: 17338194474574996357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 20 Feb 2024 10:41:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 293ms
155ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 14:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 14:56:01 GMT

GET
H2 200 MM2.js Show response
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/bb9b6c4d/ 57 KB
20 KB 187ms
98ms Script
application/javascript 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/bb9b6c4d/MM2.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

4fd133baaaf2456073af1ed2ecebb17653db8c3aeb767a1ad5a5d328074624f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1802098
x-cache: HIT, MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19912
x-served-by: cache-sjc10064-SJC, cache-mia-kmia1760081-MIA
server: statically
etag: W/"a5b6ba509df73a272a8999db88c11ea8c685545642b8c3822ae64cf7fddadb48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *

GET
H2 200 lazyload.js Show response
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/f5492b95/ 9 KB
4 KB 122ms
33ms Script
application/javascript 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/f5492b95/lazyload.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

fe673bcbf429be4d509620936794281fd415cec9985daf846aa2f882843fe6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 419423
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3456
x-served-by: cache-sjc10063-SJC, cache-mia-kmia1760081-MIA
server: statically
etag: W/"d3fa392ea2763ecabf0d16444e66f263ae7a60c623ed2580ba986f3c67a14489"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *

GET
H2 200 4481690118308.png
imgs.ysscores.com/teams/128/ 21 KB
22 KB 128ms
39ms Image
image/png 2606:4700:20::ac43:4870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.ysscores.com/teams/128/4481690118308.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd435edc3fee9d5de3bfd982d3a01188a155a482fa0d5095a6aef14f8d64e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 304966
content-length: 21822
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 05 Aug 2023 18:23:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRjM28dFQVtVKv3aIZbrxr1ph%2BJrLaK0OeB%2F1x%2BPvc0w9EmT5nb47El3zt4DibHeSUaZZs1j1DSsaMBCWBx0hP7Kkk1HNaRrKIbZ2QLebN5%2BXltY%2FrBMY5kitYQXkAIB73q0IbxcgMgAdWsnMWcc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 858623ebcf93746f-MIA
expires: Tue, 16 Apr 2024 21:51:36 GMT

GET
H2 200 4791690118957.png
imgs.ysscores.com/teams/128/ 20 KB
20 KB 131ms
43ms Image
image/png 2606:4700:20::ac43:4870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.ysscores.com/teams/128/4791690118957.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1016fa16e2cf66770420f0046a289f7bcbc6845bfbdaf47b1e479b88fc1d5d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305198
content-length: 20329
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 05 Aug 2023 18:23:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoJonq1LKUeQkLwvd549z265%2BBA3MNQX%2F7k%2FFap2VcDDsl%2But3mHEZtZ8b4NejwOQEdR1xKSHUM2e3ONFRcTgEskjXA2mT%2FIxRsP2UuaPVv%2Bo5x351OZRHq0sSfyZPwBMwzpTEUryK7esXCCErhK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 858623ebcf96746f-MIA
expires: Tue, 16 Apr 2024 21:51:35 GMT

GET
H2 200 3101690283003.png
imgs.ysscores.com/teams/128/ 12 KB
12 KB 129ms
41ms Image
image/png 2606:4700:20::ac43:4870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.ysscores.com/teams/128/3101690283003.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d41426b9db6fb5f4e067e558a50ae1d01bf093fb7dbc421c0d80c98866c05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305397
content-length: 11888
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 25 Jul 2023 11:03:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq0vP73xetBr%2FpZgusUinWGpnYV0bkSP176%2FYmUJX%2FybjvaKkPJqJtFPVUcLp55mU4IlMIBFgvdWVOWl%2Bc2ovdlujoi%2BuoBpRYSmgyvdGKGvreO9jj55U8sWUsJJvIMn8BVcFQElLdGcrhZeKXIx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 858623ebcf95746f-MIA
expires: Tue, 16 Apr 2024 21:51:35 GMT

GET
H2 200 5971704903442.png
imgs.ysscores.com/teams/128/ 7 KB
7 KB 130ms
42ms Image
image/png 2606:4700:20::ac43:4870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.ysscores.com/teams/128/5971704903442.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644882d2696de1517d9ca5eac865c328b5595d28d90e68277804a1c94435f6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305198
content-length: 7299
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 10 Jan 2024 16:17:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQmgtdO5q45Lx4JqhByqjCa5xDWfincaSS7ZGA9skfcFT2abzWBXqMpP6cldoYqBtZRpbn7dpbuAI0uqpHb6r1%2Fh1gkI4NNI%2Bt%2BYsOFLivlEd9AB30U4mnfB46LjOrPkU%2BL2D7wnNsYyfel1h94o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 858623ebcf9b746f-MIA
expires: Tue, 16 Apr 2024 21:51:35 GMT

GET
H2 200 3391690378187.png
imgs.ysscores.com/teams/128/ 14 KB
14 KB 161ms
73ms Image
image/png 2606:4700:20::ac43:4870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.ysscores.com/teams/128/3391690378187.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9862033a6148f9189447a61ae65696a471b0258e9d14a05c041b0ea0b54d92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 202935
content-length: 13865
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 05 Aug 2023 18:23:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihoMGoXVFuPOOlpFgKlEFZIdoR9EQsJebZE8iUjAYU0nF8PFjiovS7gw8hxRSWUB9p5%2BDA3tieDIVjdRlu1VRHNL0uK0HwWWCRBjYbBoAYBvEfoKfmA%2F2BXvtCkVzNODOEFkUtpL4exQBTAVWr%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 858623ebcf9f746f-MIA
expires: Tue, 16 Apr 2024 21:51:35 GMT

GET
H2 200 4201690288818.png
imgs.ysscores.com/teams/128/ 12 KB
13 KB 159ms
72ms Image
image/png 2606:4700:20::ac43:4870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.ysscores.com/teams/128/4201690288818.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a03d72e6354d838e89a7a328abe45040de7a45eb5eadbbf675899a817940373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305198
content-length: 12642
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 25 Jul 2023 12:40:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxfRuVoQLi2ODqmBwqNvD5uSiVWuNkVsQ6HiSEu1bXi8%2By9G5tFMXty1GyycxplOjAS68eL303GYkMtdacSFo%2B%2Bzdv31VMbX7HjOJfWo2dVTrsVqYNNSO4Gx%2BhuhyQPT%2BTFLhIo3r8KosDQzbzPL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 858623ebcf9c746f-MIA
expires: Tue, 16 Apr 2024 21:51:35 GMT

GET
H2 200 PremierLeague.png
lh3.googleusercontent.com/-FnRa-rthxKQ/XXawVZCJ64I/AAAAAAAACfY/VdH7zQ0i2JQrKCmysJBp5i_LKhFv1wY6gCLcBGAs/s1600/ 30 KB
30 KB 387ms
251ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-FnRa-rthxKQ/XXawVZCJ64I/AAAAAAAACfY/VdH7zQ0i2JQrKCmysJBp5i_LKhFv1wY6gCLcBGAs/s1600/PremierLeague.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c810d287af0e3aa96559e44ab500544dcb1b6d969ea634f93ae2ca0a77ee539e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="PremierLeague.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30712
x-xss-protection: 0
server: fife
etag: "v9f7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:41:59 GMT

GET
H2 200 la-liga.png
lh3.googleusercontent.com/-nyiAkuPNsfE/Y0S-vFV1egI/AAAAAAAAHAU/vq0M_yhFWPwPve85NwFuyXLjGop5CXvuQCNcBGAsYHQ/h120/ 4 KB
4 KB 507ms
372ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-nyiAkuPNsfE/Y0S-vFV1egI/AAAAAAAAHAU/vq0M_yhFWPwPve85NwFuyXLjGop5CXvuQCNcBGAsYHQ/h120/la-liga.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f004c7725a1678eb9e9e4cb7354545b914d13bcdfbc0e8bdae8540483887371d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="la-liga.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3615
x-xss-protection: 0
server: fife
etag: "v1c07"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:42:00 GMT

GET
H2 200 serie-a.png
lh3.googleusercontent.com/-_PaWg6FGsNE/Y0S-50jr7VI/AAAAAAAAHAY/KCGlto6gkI4TgRwUqXff-kKJjWWqpMi-ACNcBGAsYHQ/h120/ 2 KB
2 KB 507ms
401ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-_PaWg6FGsNE/Y0S-50jr7VI/AAAAAAAAHAY/KCGlto6gkI4TgRwUqXff-kKJjWWqpMi-ACNcBGAsYHQ/h120/serie-a.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bf72c1343fc185649a968122ba059a0221009db5c64299d56408b8a702903fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="serie-a.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2122
x-xss-protection: 0
server: fife
etag: "v1c09"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:42:00 GMT

GET
H2 200 ligue-1.png
lh3.googleusercontent.com/-ZslP91yzcbY/Y2f5cklGUEI/AAAAAAAAHII/CaIhCrJrZvom2BSuneD-tFFzNRA0oX9pgCNcBGAsYHQ/h120/ 1 KB
1 KB 435ms
329ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-ZslP91yzcbY/Y2f5cklGUEI/AAAAAAAAHII/CaIhCrJrZvom2BSuneD-tFFzNRA0oX9pgCNcBGAsYHQ/h120/ligue-1.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c74ca64fde6b73742f42d22bea45493bd98b3b5fb0b1fe7bc96ea58116377735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="ligue-1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1411
x-xss-protection: 0
server: fife
etag: "v1c85"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:41:59 GMT

GET
H2 200 Bundesliga.png
lh3.googleusercontent.com/-6iFnx-rH1ZU/Y0s0ZOwuVcI/AAAAAAAAHBc/znRqlC-zbTI0ghchKKXrVlJCfMXEsXx6ACNcBGAsYHQ/h120/ 1 KB
1 KB 434ms
328ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-6iFnx-rH1ZU/Y0s0ZOwuVcI/AAAAAAAAHBc/znRqlC-zbTI0ghchKKXrVlJCfMXEsXx6ACNcBGAsYHQ/h120/Bundesliga.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

26e53576071252aee7ff421a25161d94e02f1f9f0513c5a7b895e8ca716107f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Bundesliga.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1242
x-xss-protection: 0
server: fife
etag: "v1c18"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:41:59 GMT

GET
H2 200 champions-league.png
lh3.googleusercontent.com/-TJIqAyYObHM/Y2f5TVN217I/AAAAAAAAHIE/-fXWgA6ZF-MAc_GM4E9GAJgu_fH52J9PACNcBGAsYHQ/h120/ 2 KB
2 KB 533ms
428ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-TJIqAyYObHM/Y2f5TVN217I/AAAAAAAAHIE/-fXWgA6ZF-MAc_GM4E9GAJgu_fH52J9PACNcBGAsYHQ/h120/champions-league.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

98ab2520a56e31a53f0f9d09a496199bf9817719874e0691e22e275d00b2762b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="champions-league.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2028
x-xss-protection: 0
server: fife
etag: "v1c84"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:42:00 GMT

GET
H2 200 europa-league.png
lh3.googleusercontent.com/-Oww4l5ad3jg/Y2f5crWJjWI/AAAAAAAAHIM/1taUs5YpmmkRW6czsDBiCdAbCuX4dyfxwCNcBGAsYHQ/h120/ 3 KB
3 KB 451ms
345ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-Oww4l5ad3jg/Y2f5crWJjWI/AAAAAAAAHIM/1taUs5YpmmkRW6czsDBiCdAbCuX4dyfxwCNcBGAsYHQ/h120/europa-league.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e8c31fef3a893e517e698ba54fc9faa8e4ab508fd669498ec9b73606736f1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="europa-league.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2816
x-xss-protection: 0
server: fife
etag: "v1c86"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:41:59 GMT

GET
H2 200 egyptian-league.png
lh3.googleusercontent.com/-Hp7mvXI4IWA/Y2gD3rr8WpI/AAAAAAAAHJI/aOj3e6WXl-Eq0IRj8ljLTqtdMge5pHC5wCNcBGAsYHQ/h120/ 10 KB
10 KB 487ms
382ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-Hp7mvXI4IWA/Y2gD3rr8WpI/AAAAAAAAHJI/aOj3e6WXl-Eq0IRj8ljLTqtdMge5pHC5wCNcBGAsYHQ/h120/egyptian-league.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e682b3ad684d79f6108138e9028dacd5ea730ace6bb2ec73f0630dd4ed30fd20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="egyptian-league.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10037
x-xss-protection: 0
server: fife
etag: "v1c93"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:42:00 GMT

GET
H2 200 saudi-rsl.png
lh3.googleusercontent.com/-XGgK61a27Js/Y2gDYpdOSBI/AAAAAAAAHIo/wNmSF49smoIb_QBnovXPznQm9WhrppGvQCNcBGAsYHQ/h120/ 5 KB
5 KB 428ms
322ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-XGgK61a27Js/Y2gDYpdOSBI/AAAAAAAAHIo/wNmSF49smoIb_QBnovXPznQm9WhrppGvQCNcBGAsYHQ/h120/saudi-rsl.png

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fe429139039fcd1bd78d7cfc822af379eb8066939fbe113a7ed92ecaf4737abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="saudi-rsl.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5091
x-xss-protection: 0
server: fife
etag: "v1c91"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Feb 2024 10:41:59 GMT

GET
H2 200 NeoSansArabic.woff
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/6a47ce1e/ 56 KB
56 KB 145ms
72ms Font
font/woff 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/6a47ce1e/NeoSansArabic.woff

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Origin: https://cu9.yalla-shoot-new.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
age: 589119
etag: "4cb0be1807b6236ab749d2f5e38eed261e9f0d3967da730a6786482cd5dd4b18"
x-cache: HIT, HIT
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57364
x-served-by: cache-sjc10027-SJC, cache-mia-kmia1760056-MIA

GET
H2 200 29LTBukra-Bold.woff
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/3b5b65d8/ 57 KB
57 KB 107ms
35ms Font
font/woff 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/3b5b65d8/29LTBukra-Bold.woff

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

e849b4a7acbb87a8e9ba546e39d5757fb691f97193412deec5042504b8843961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Origin: https://cu9.yalla-shoot-new.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
age: 1018412
etag: "28b4be84b8a711d6a644b5b0623fdef336a5198d5afd790cccd54a1e350e8a42"
x-cache: HIT, HIT
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58464
x-served-by: cache-sjc10029-SJC, cache-mia-kmia1760056-MIA

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 406 KB
138 KB 138ms
133ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bb1a1bbf667a25c97125130784745b47ee1c0608f213e9027dd52afd890afa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141173
x-xss-protection: 0
server: cafe
etag: 7940211786571781542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:41:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 43F4 9 KB
5 KB 209ms
63ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 38106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:06:54 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 00:06:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 204ms
64ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Feb 2024 09:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3018
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 20 Feb 2024 11:51:42 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ACAB 117 KB
40 KB 687ms
686ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3980218845900927&output=html&h=280&slotname=2433590406&adk=2097946291&adf=2782433453&pi=t.ma~as.2433590406&w=1140&fwrn=4&fwrnh=100&lmt=1708418709&rafmt=1&format=1140x280&url=https%3A%2F%2Fcu9.yalla-shoot-new.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708425719894&bpp=6&bdt=405&idt=265&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&correlator=6185533717689&frm=20&pv=2&ga_vid=1918593651.1708425720&ga_sid=1708425720&ga_hid=58841166&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081140%2C31081221%2C95324581%2C95325069%2C31081078%2C95322182%2C95320869%2C95324154%2C95324160%2C95325077&oid=2&pvsid=2837033585240763&tmod=2029326761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5903b55800454ea6e7c783119814b6ea03ce7870d46bebd248b2ea17c9bf58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41195
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 10:42:00 GMT
expires: Tue, 20 Feb 2024 10:42:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5E7 555 KB
137 KB 485ms
484ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3980218845900927&output=html&adk=1812271804&adf=3025194257&lmt=1708418709&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fcu9.yalla-shoot-new.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708425719944&bpp=2&bdt=454&idt=251&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&nras=1&correlator=6185533717689&frm=20&pv=1&ga_vid=1918593651.1708425720&ga_sid=1708425720&ga_hid=58841166&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081140%2C31081221%2C95324581%2C95325069%2C31081078%2C95322182%2C95320869%2C95324154%2C95324160%2C95325077&oid=2&pvsid=2837033585240763&tmod=2029326761&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c848daad20ffd6daf6e2594fe146e91bb2f897bca7e4d0253cfd69fd32345afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 139857
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 10:42:00 GMT
expires: Tue, 20 Feb 2024 10:42:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 98ms
97ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=58841166&t=pageview&_s=1&dl=https%3A%2F%2Fcu9.yalla-shoot-new.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=835266588&gjid=318834848&cid=1918593651.1708425720&tid=UA-137036133-1&_gid=1914089141.1708425720&_r=1&_slc=1&z=126065978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cu9.yalla-shoot-new.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cu9.yalla-shoot-new.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
352 B 210ms
81ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-137036133-1&cid=1918593651.1708425720&jid=835266588&gjid=318834848&_gid=1914089141.1708425720&_u=IAhAAEAAAAAAACAAI~&z=1483547637

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cu9.yalla-shoot-new.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cu9.yalla-shoot-new.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 231ms
97ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-137036133-1&cid=1918593651.1708425720&jid=835266588&_u=IAhAAEAAAAAAACAAI~&z=908140538

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ACAB 4 KB
1 KB 237ms
94ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3980218845900927&output=html&h=280&slotname=2433590406&adk=2097946291&adf=2782433453&pi=t.ma~as.2433590406&w=1140&fwrn=4&fwrnh=100&lmt=1708418709&rafmt=1&format=1140x280&url=https%3A%2F%2Fcu9.yalla-shoot-new.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708425719894&bpp=6&bdt=405&idt=265&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&correlator=6185533717689&frm=20&pv=2&ga_vid=1918593651.1708425720&ga_sid=1708425720&ga_hid=58841166&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081140%2C31081221%2C95324581%2C95325069%2C31081078%2C95322182%2C95320869%2C95324154%2C95324160%2C95325077&oid=2&pvsid=2837033585240763&tmod=2029326761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 10:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 10:39:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 10:42:01 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 166 KB
56 KB 180ms
179ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/reactive_library_fy2021.js?bust=31081078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a05bae9849f96d1956216480b5118d7efa485bbe5644ce482d6bb672135b8deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57335
x-xss-protection: 0
server: cafe
etag: 17977372239696501597
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:42:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame ACAB 2 KB
903 B 226ms
83ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:59:04 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/8732617580625569934/ Frame ACAB 11 KB
11 KB 265ms
125ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8732617580625569934/2728354180183721846?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13b2ad0e7ee0a581c47f0046c77cbb7c260776a75afa66b31ac34be7d4bf14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 20 Feb 2024 10:42:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11295
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 14:38:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Feb 2025 10:42:01 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/16378165597067213857/ Frame ACAB 2 KB
2 KB 263ms
123ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16378165597067213857/2728354180183721846?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33478aefd7a497d9fefdca8283c39959104ea58d449fc8b05631f6dce1e0bea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 20 Feb 2024 10:42:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2024
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 14:38:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Feb 2025 10:42:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame ACAB 23 KB
9 KB 200ms
70ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 13:15:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame ACAB 3 KB
1 KB 209ms
79ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame ACAB 20 KB
8 KB 192ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ACAB 204 KB
61 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:51:19 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame ACAB 36 KB
15 KB 225ms
66ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 6B1C 9 KB
4 KB 63ms
63ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 37426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:18:15 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 00:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 7BE0 9 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 37426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:18:15 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 00:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 6872 9 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 37426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:18:15 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 00:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 3618 9 KB
4 KB 66ms
66ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 37426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 00:18:15 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 00:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ACAB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dc56daa63f888c0ee8b9fc17ec65399d97f6e0df3b781fbef84b630e8a45b36

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 6B1C 5 KB
767 B 96ms
95ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 10:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 10:15:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 10:42:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6B1C 205 B
520 B 68ms
65ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:50:03 GMT
x-content-type-options: nosniff
age: 384718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 23:50:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6B1C 604 B
696 B 68ms
66ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:16:08 GMT
x-content-type-options: nosniff
age: 440753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 08:16:08 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 6B1C 15 KB
6 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 21:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 21:56:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 6B1C 22 KB
9 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:01:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 28EA 624 B
246 B 100ms
100ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNVIsHwyh_8q_H7JzgS5Mu2MjxXxaj5CBMx9-vdtI3RXlscd2S2nwPPjyx6x5WcDV42TMzRd40DlWGblrS9_bF1GDhuEXg

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 10:42:01 GMT
expires: Tue, 20 Feb 2024 10:42:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame F5EB 23 KB
9 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 22:41:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame F5EB 8 KB
3 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:59:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F5EB 41 KB
14 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F5EB 3 KB
1 KB 82ms
81ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F5EB 20 KB
8 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F5EB 204 KB
61 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:51:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5EB 42 B
63 B 98ms
98ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjiShg1IvF6eBucSzBHGuQ64GaeA-1xzSGuGaBP2XuH8ZDFOqtAxocIn0xnZgRbkhF1qKChckDRBINsrbJL5As57_tInQILR6QH5Kjj5J0CY0SNgk

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14126489232411991967
s0.2mdn.net/simgad/ Frame F5EB 150 KB
151 KB 220ms
65ms Image
image/gif 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14126489232411991967

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361ec8f707a75a998c63727f91b91ee86e4dfad224ef555bd525a4d352da44cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 21:56:39 GMT
date: Thu, 15 Feb 2024 21:56:39 GMT
x-content-type-options: nosniff
age: 391522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153803
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 04:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C17F 624 B
246 B 100ms
99ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNXVIzwwlS4kO6hXMKLfERu7Opam38C2KsHh4WXae4dZXz_TfDHv3jIXk3l_dF7FOvpz4avTejieaLO9mUc4QovHI08ufg

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 10:42:01 GMT
expires: Tue, 20 Feb 2024 10:42:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14126489232411991967
s0.2mdn.net/simgad/ Frame 192F 150 KB
150 KB 263ms
138ms Image
image/gif 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14126489232411991967

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361ec8f707a75a998c63727f91b91ee86e4dfad224ef555bd525a4d352da44cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 21:56:39 GMT
date: Thu, 15 Feb 2024 21:56:39 GMT
x-content-type-options: nosniff
age: 391522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153803
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 04:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 192F 23 KB
9 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 22:41:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 192F 8 KB
3 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:59:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 192F 41 KB
14 KB 136ms
132ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 192F 3 KB
1 KB 138ms
133ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 192F 20 KB
8 KB 69ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 192F 204 KB
61 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:51:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 192F 42 B
63 B 108ms
105ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcGUorzMplQi90P8fDhRpiZBceZjM4UCQr2TLBlksGQGlFlppM6KPg_TZtv_07-8EivKnDQqS4ZhdnUFncfWRXwoXDHe4ow_J1zS6LjVi2fQHcwJA

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD27 624 B
246 B 103ms
102ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEYlfad4AEwAQ&v=APEucNUytMPDtjxHNs86Io9IyX_Zx5DtsDsUDRKYQMF9xmK189cElY3SleUdF_rACdfvTNgvIJN8pBboTLfmMBi1SAzEIyOwxg

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 10:42:01 GMT
expires: Tue, 20 Feb 2024 10:42:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2D0B 111 KB
39 KB 207ms
63ms Script
text/javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 00:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 00:13:35 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 2D0B 8 KB
3 KB 74ms
74ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:59:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 2D0B 23 KB
9 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 22:41:13 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D0B 41 KB
14 KB 97ms
93ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2D0B 3 KB
1 KB 98ms
94ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2D0B 20 KB
8 KB 96ms
92ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2D0B 204 KB
61 KB 69ms
67ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:51:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D0B 42 B
63 B 111ms
110ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZmcPxvSmoDEpuUV6etEiTVD9E3DEd8Ja-qvamazG8N1p-L0eP3glGU38hD9vZD9X_YrrYqT0aHlKUDF-yN172an7wZQ2xwuVZDW9EIL9ZtjIHJcc

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ACAB 16 KB
16 KB 217ms
69ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:33:05 GMT
x-content-type-options: nosniff
age: 450536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:33:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ACAB 15 KB
15 KB 230ms
85ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 414291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 28EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1gle9E8akOYojRalorfuc&google_cver=1

43 B
731 B

69ms
69ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1gle9E8akOYojRalorfuc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNVIsHwyh_8q_H7JzgS5Mu2MjxXxaj5CBMx9-vdtI3RXlscd2S2nwPPjyx6x5WcDV42TMzRd40DlWGblrS9_bF1GDhuEXg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCTQQe6tle6UYqxqI%2BDuAzvnuFCaLtaHh1GkK1ptyv2I65Vn19Nz%2BOtaNucz3i64oG3q1b8JmQgJbFEGgZicZ9GSCezMIw8ZtD27r1qK6qeaQj3bpzC%2FNVKUmRidkdUF2x%2Bky04zDzFpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858623f8dfb75c6b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1gle9E8akOYojRalorfuc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 28EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdSB.cAoJMAAAHijADec6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2

43 B
732 B

82ms
82ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNVIsHwyh_8q_H7JzgS5Mu2MjxXxaj5CBMx9-vdtI3RXlscd2S2nwPPjyx6x5WcDV42TMzRd40DlWGblrS9_bF1GDhuEXg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcE%2FJTp7IyqzR1Q6f7YjhG43DubeY8EqPq6QpvHXmsueTmJz1JaCd1QW%2B%2B186olbKhB0y8JI6eHF%2FmtC38oTuF0M1i5ZEMfcbgA%2BqUnF3bXTRH37w2Ea99t2ENV1mMBz44Mt1HDDzrhsHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858623f978335c6b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 28EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI21QzL7iC1rtCwEVMJ_nTY&google_cver=1

43 B
1 KB

69ms
69ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI21QzL7iC1rtCwEVMJ_nTY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNVIsHwyh_8q_H7JzgS5Mu2MjxXxaj5CBMx9-vdtI3RXlscd2S2nwPPjyx6x5WcDV42TMzRd40DlWGblrS9_bF1GDhuEXg

Protocol

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
an-x-request-uuid: f0e69038-a450-4ef3-a181-783453242b06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI21QzL7iC1rtCwEVMJ_nTY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 28EA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D

170 B
232 B

98ms
98ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
an-x-request-uuid: 45c6b52a-3489-4032-88c5-c5137754f31d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5A95 2 KB
822 B 63ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:59:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 5A95 23 KB
9 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 13:15:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5A95 3 KB
1 KB 94ms
94ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5A95 20 KB
8 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5A95 204 KB
61 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:51:19 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 5A95 36 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 19:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:31:33 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C17F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1

43 B
822 B

71ms
70ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNXVIzwwlS4kO6hXMKLfERu7Opam38C2KsHh4WXae4dZXz_TfDHv3jIXk3l_dF7FOvpz4avTejieaLO9mUc4QovHI08ufg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaj4AFVijlr0Xk7jcAfCcCGI%2BT8IRHZkbQpyw1ONaZonHqcVfvnkW1E%2FIj0FYrRJq0dEAoajB9e3MMcTqgmlF1rmPmHAwO1dwNqoATM%2BMmghOKtZp8aKE0Vl2gy7u84icSv%2BjEUQnu7gYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858623f8efbc5c6b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C17F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdSB.cAoJMAAAHijADec6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2

43 B
734 B

81ms
81ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNXVIzwwlS4kO6hXMKLfERu7Opam38C2KsHh4WXae4dZXz_TfDHv3jIXk3l_dF7FOvpz4avTejieaLO9mUc4QovHI08ufg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTd5K9%2Fq38g%2BQMtwtp3h5FLpnf%2BWThgXGPBnTmGOS7K45ZDYx4JRRehBjD7MTjHaGVpKJD%2FoxH5l96tuVkdKjbfsqRvEtfRKgxLb3NoRc2OS5I93dMviXosFL1OWCFqFBDHIUFuBoPZq8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858623f978325c6b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C17F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1

43 B
1 KB

72ms
71ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxDvmLzzBRi9nfKDAjAB&v=APEucNXVIzwwlS4kO6hXMKLfERu7Opam38C2KsHh4WXae4dZXz_TfDHv3jIXk3l_dF7FOvpz4avTejieaLO9mUc4QovHI08ufg

Protocol

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
an-x-request-uuid: fefe80a6-d48b-4e75-9963-b958fa820a94
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C17F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMjIyNzkzMjUzODM1MTM1MA%3D%3D

170 B
232 B

95ms
93ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMjIyNzkzMjUzODM1MTM1MA%3D%3D

Requested by

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
an-x-request-uuid: 5cfcd031-f977-4240-ad5a-1147cb4aae48
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMjIyNzkzMjUzODM1MTM1MA%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C33D 38 KB
13 KB 63ms
62ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 372017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1

43 B
736 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEYlfad4AEwAQ&v=APEucNUytMPDtjxHNs86Io9IyX_Zx5DtsDsUDRKYQMF9xmK189cElY3SleUdF_rACdfvTNgvIJN8pBboTLfmMBi1SAzEIyOwxg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRamAeif3gKCVGiNY%2FjtHvyKEKP%2BcwjZ%2Bui%2Fpb0E1iZfVyamhaIDxwlRSbThRfhp8E%2BGKpdY7E0ccKD%2Fzxy%2B3SzDmUJcwotWdJsa1M4uYEQetyHhqgdcjzTTrIRFDOK3ajrHVHIOmJtEEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858623f8efb85c6b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD27
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdSB.dHM790AAEoOAEtVHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2

43 B
732 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEYlfad4AEwAQ&v=APEucNUytMPDtjxHNs86Io9IyX_Zx5DtsDsUDRKYQMF9xmK189cElY3SleUdF_rACdfvTNgvIJN8pBboTLfmMBi1SAzEIyOwxg
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGvT7NAlUVcAIQEHLt0whotB7R%2Bglz%2FElaaUag4mv8uZe8BanfPk3K9xPpuoyMc7qBamxAw%2BkwNefc3zW3YpyzXGYmHyVuR64qUG%2FRUhpzw3ZcWQLtOiFU8cx2hBLUzNgMlM3Y22LECNbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858623f9c8685c6b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCbvbGDd1mvaht6iPFXdhQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FD27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1

43 B
1 KB

68ms
68ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEYlfad4AEwAQ&v=APEucNUytMPDtjxHNs86Io9IyX_Zx5DtsDsUDRKYQMF9xmK189cElY3SleUdF_rACdfvTNgvIJN8pBboTLfmMBi1SAzEIyOwxg

Protocol

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
an-x-request-uuid: fc55d3dc-a56c-4b4a-af1f-b46a2e5a22a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEELVp7Wn9thh5px5WgpK4m8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD27
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D

170 B
243 B

96ms
95ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:01 GMT
an-x-request-uuid: 0e6dee7e-8cce-4a9b-89c4-77a2180210af
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1OTE1NjY5NTY3NjA1NzMwOQ%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2D0B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e62b98557326cd9dfe590ce0dcd5cce2eae900eb6b55b4b7c1b0653f6f1f99b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ACCF 38 KB
13 KB 63ms
62ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 372017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ABAD 38 KB
13 KB 63ms
62ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 372017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame ACAB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CA-JT-IHUZYPrDuuooPMPs8KsqALruK3JdKjf_terEp64iLaDAxABIJiztHNgyYaAgNyjxBCgAaLp0JcqyAEJqAMByAPLBKoEpQJP0JiNmzyUyMPTDpcv55QkGKKJP6Zd3-VxoPsFCGhxNyQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9c73e4e7a24b039e0000000000000000%22,%222%22:%220x27ebe476d016f0e50000000000000000%22,%223%22:%220x18bf9a...

0
0

262ms
132ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9c73e4e7a24b039e0000000000000000%22,%222%22:%220x27ebe476d016f0e50000000000000000%22,%223%22:%220x18bf9a08e6278e4d0000000000000000%22,%224%22:%220x8691256e439eb24b0000000000000000%22,%225%22:%220x50c952e9fe0f71500000000000000000%22},%22debug_key%22:%226029346750082102898%22,%22debug_reporting%22:true,%22destination%22:%22https://floridapsychotherapygroup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211323847842%22],%2222%22:[%22true%22],%224%22:[%2202-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218269585726939819425%22}&andc=true

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9c73e4e7a24b039e0000000000000000","2":"0x27ebe476d016f0e50000000000000000","3":"0x18bf9a08e6278e4d0000000000000000","4":"0x8691256e439eb24b0000000000000000","5":"0x50c952e9fe0f71500000000000000000"},"debug_key":"6029346750082102898","debug_reporting":true,"destination":"https://floridapsychotherapygroup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11323847842"],"22":["true"],"4":["02-20"],"6":["true"]},"priority":"500","source_event_id":"18269585726939819425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Feb 2024 10:42:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 10:42:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9c73e4e7a24b039e0000000000000000","2":"0x27ebe476d016f0e50000000000000000","3":"0x18bf9a08e6278e4d0000000000000000","4":"0x8691256e439eb24b0000000000000000","5":"0x50c952e9fe0f71500000000000000000"},"debug_key":"6029346750082102898","debug_reporting":true,"destination":"https://floridapsychotherapygroup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11323847842"],"22":["true"],"4":["02-20"],"6":["true"]},"priority":"500","source_event_id":"18269585726939819425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 728x90.html Show response
s0.2mdn.net/sadbundle/6969519633717796610/728x90/ Frame BBA3 6 KB
2 KB 67ms
64ms Document
text/html 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f937bddf37574c563d3ecdc5e24079730c9b760c8b938625d401b46eec04a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 106920
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2329
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:00:01 GMT
expires: Tue, 18 Feb 2025 05:00:01 GMT
last-modified: Tue, 25 Apr 2023 18:57:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 2D0B 0
0 271ms
103ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvyQ5bMYwVEuD5mxtFwrDM79nWrDnvZut7RJiyhmIq-jW0g7hSLvGRgPqYTdSoyR1MfLQOutVgkcgDLPD5QWooPim4X8UgcBYYRVp9R2ZtJcno0-xOyNvRs3Z8ulkjMYaAQnOJkAWVRipwue-C-Jbg-XdSMbZtUUiSUMKAxwt7ovRGgp_0aEQ8sl2VCUOH713S5rDQyRko5H89bn8dwSKPqFYRYz5GQ036ldJzWiU7c415X518q8MJXs8rEnrt954Kay8ooLwC5AhPk0c0vyaXdMz3LheI52-HckPnV6mt96G_QPZgLVUUkmgztdh9qXOpc1gWG40-sACi6G7H0WNKR5ck50Rns_v-EfiMTG1oSYIF2CsIlouielwigqMZSNBz-RiljYo3WHXp2_k8EZREyLT5rF-4GDMrhvBbUu8Cl4V157Fe11IS2CWhFNmazFZwJHf-LiVUgEv1inWD_-_rdC0DjslNl4VDORuFLwJwpfQdmhddE2Sk9tF8Qv64Cy3qFITzjGGMgCXQ3hj7eBnPDpFW2DxKg1dZ0CdfIAUt2rumI-mOVLaEVC7tmnVb5SpTvy2DUAQx2v6E5OVNCHU_3GSeqvz0Mova-9lmcN0g5mLdKVrmWspmNQN5qCzaA5DjbcA7xk2NWaikAErtxr-rVtimVSQ3hjHMwEm9HCks1dElc8U_seYggOJYIIioxFI1QxBoyGgR9nudhU4SyLXaBDPAL8XkoxHOx_BU_njG6lMDsRYO7bxQT0-ogZMhBXYsWIoKGJEUKYQ5iBkK6YR4OECCRdenUL9I05azh66dBAN-jnEvixhrMtSIvpjvrt-9X6APD-b3Y4_9EFvsWJPcqhNbhlnJqTs1vCuhI63fna4yKYcqpg02qOfJbzTj7_fmbhtyrY2LAvUSE6huSqbruVaFZHEg8ININBZMniNI99FI84TmWtHlpwz_DAZv7DvOZ4MAb2mlPcKsuyy7Ud49PuHR_xeBcpxZ9yBfBtaA3cUVEP3hFqlQ2i-3k0r39EDePFrM2gxS7nfoFBt_FpCTOhDLtyumNWoHdPgzj7XblW52Kle4t8JIH9d0ypHxP2U_ajBmcrY4k6qLA7BrnqT8as1eOUvBVRF4gAKmvZtSD5a0TlIBWuazank7tbzDH10LeqgbVWm-lpDPhw6qh2mF55cYIEstYpuzGNlMXME2WQOdbI5EKEeimWBsCbhJBcMdRM9nBgq4tY_m4YedTstLQD-yGPAtymdgtt_x9w2qlcqYbBeu8UnlOXsy1yGSh1CzANovYz78RacFbaWYRkxSGQ6A0MuCvR12uZ7_3jah1cicB4SsCF5sFf719eopc1u1bSP6W5UhpBgyodkfFjbvMOJYxq7IF7WMMWC60KUrGWgI9hSeGsJVU7AbAbuWfd_Li3cI_vpU_GZGQF7uN0XCKG1O0SGd8-lTr0d27SSpgbSff6JkzDrUWlZk4L632-bKeVFyHT0apswa2hFeDiS7Bg1xmZ_fidZ8N8g&sai=AMfl-YS8kzkilyC5qcsmUKIZ0A30iga1uUVLtVZUY2qhNE5cKfkMXSVbZDhvEzv0LX_Fm33qxI5zvm-zQRno6F14fI7ofnckT_FYdubUvc_d_sI-Vk_n6sxLaJo-A6xh32SIXVTVeBnrIOZZk2Q77fv3SknxvltRKdps2cEuvVTrmCXIBGeo-Btv-nwg5Ka968f0TazKAIOElgEzj6r6m1tTok3S8atwVaUNGUzBIAGDMcKwVkNk09SjhnXCvc_QyKlMgL833T1b_GaavyLq6lX9h2IIxFCku2QwLwhGNf5bZgRYTXACPqh2YXSrQqCbL-RtAVenIKpTPO3UDc4P6um2t7O5rPiraoHMY1nswwP1gvkQTtWRKWqUqtuC1auqWnyrGisGzfhOuGRT6rN9O-rDk-Qyj5ZHvmgPpqnvur9s3vEps6gd5LiRbGlIgGRN2gaPQYPW0rQKWClyVWG3zb1q8EjeEmnJDLSQmNNV_a-O3sD7kl-GHcGJjyA5nxPa1wp314RtgCI&sig=Cg0ArKJSzKpsUk_JPpWZEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hc2FuYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=381&cbvp=1&cstd=376&cisv=r20240215.05328&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:42:02 GMT

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4655 51 KB
19 KB 69ms
69ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 04:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 04:45:51 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame C33D 39 KB
15 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 20:08:51 GMT

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 48A3 51 KB
19 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 04:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 04:45:51 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BBA3 236 KB
63 KB 95ms
82ms Script
text/javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Feb 2024 10:42:01 GMT

GET
H2 200 728x90.js Show response
s0.2mdn.net/sadbundle/6969519633717796610/728x90/ Frame BBA3 49 KB
10 KB 77ms
64ms Script
application/x-javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ca648524159035e01a1421b1b8ead66f0b3f88301789c8be3f0a86d7325b8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:11:54 GMT
date: Thu, 15 Feb 2024 08:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10601
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 18:57:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame ACCF 39 KB
15 KB 74ms
67ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 20:08:51 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame ABAD 39 KB
15 KB 75ms
68ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 20:08:51 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 278ms
132ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 10:42:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F5EB 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5658b092cb3a9c0e674d3e429fb83dcd633686092ecdd3ce220cb61c775d84bd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 192F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbecca5356c298a759399e6a3b5631b4a0941c19b2b37064f5fc4eef2eb35ed2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F5EB 0
0 108ms
102ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuYQ82jp7Q9hKGL4FdcakOw-NSF-bkasM5LXxscck1O_jt2OepgMNDuIoWyGJNGgjKUU99pt_tBqDl3flN2fBEJtbdTFkrEKVEuDBn6Cw2NsyKOK_HBQ58RwLjrKaZ80Cj1A26pSKIaWYmxy6V0PgHC9IgVbHWdAzY7Vq6Cb4cvWJzupHNJL_eGdSetGAikpDGIYrBkG_afg7OaDFERK3aOsfooJKTOvyY4CFp5xjE9s8MBZyYQc4LxBN_94ZjsQFg5YT2WX9Kj-ftv8Q5xcw12hfrWWCRQL8-A4jsrgx3oLLdcYd4kPCDm6Mn2t-4BdzTUHNc-Uth0WmHMcyhPecLV8O2PRv2l6BYHvbKkhf8eyytUsvEDyrKKQZUe_PjH2T0GvaV_EjFqMOe2KNouD0S57oidDUPHsaBmwB1KczoguwOjU30tmSTPt9a0jNRoQ8CnsVZCiZhgdwpi_sLHY3AS2mcGLSNSsZGS9fyYDU2PRNQ9L4kZ4mHpmDlBfiRIS6gMyc3g6nB9yZhR90dkJhdBXxtKMblMvZc2_7UfzbFSk5PpstpK_mpcOwGQavshDCSdo6EfEIv8LsnQb1rhkSQQfM0FM7FWMhbsDZk7pvYdSHkSDGvmWaOhVJs9w4pVwjD1Hpe4FhvS-5iqrIzjBgsvLaDJ1eVJp8cuYQyfA5ZW6CnxBUZcIZXOTxWtuZTk1LR7BtZ4f2GjM7EtDUZkr16rymCj5Yzx05sE0ALNsRU5wQlBuFzhTWVWvNFlnv1gqfG7g3KrLJh8IgWAGzciN4ZBxjRPJ_RwHePcEZS-E-JzZ2QL_rWnqgb8xz_RMSrOBuKfiCM1D_OpG6VNFCSUaYVEnviGWZdnyucmlKtiyouJcH0VlfJcwtg0D7Fal0qTQyP3S9KoZJjQQpG-GHTF81gjbkqw93CIknAZmnjihsKameA17M128vcRRvzIdqoSZJsQsfvi-Q831z2n8hVmNriqHbQQnUXfJyZdZTGF5Sg3rx7qAFTWfQP9LhCmY6zyFVKvH5ZhB3HvcBvivWw_l8B36fystpB1VXzDJuVOlAjYGx-OpzkMmx2xHpx9WVltkyZldLcLoGwt4d2dXcWX4uH2O0he85G2ciDsTJK9bF1fjniKX8Q-695fjBXxyHmlFSjDfjsGdn8LKJbe_mHFcx5vYe1W--Hm1G_vu5seL6dOHgjFR0JZs86hWaQ5ePq8Nhrg04y91D2HukGNalhpCe6y5EU2PTbkOyfNISHGam7pknZDkXL64fx5z6JqxGmKbux-BBPGsTjk8f7V8YAJB8BZIufoRPlipHcYDU6X3lKeid9GzBomFc-PVYRuli9xk6lSYGEXMaiTBk60XcxGuL5u7aJkGipMvU5bLaExK1yjKVxYRXBbTb6ybo4qZzJlLI8uPYITRhSfV_pd5TH6l_2zOH6Zt5PoAksJMVr7Z02OrXIDrmNQTDG3Tq6wCaRIFZelL9Qm-A&sai=AMfl-YSlTldL-qPriI1QjDxb6LeGaq5RwQuc4bM4VoC5C6CwjW04qvri4fPe3MvDtDDHipw5pptb2NBuQdfTKiJD_ZvLXWdSJMlbsvgwZn0TCPIMJuetTm23VDXCdUcSC211bmn8MVLsMHtrAUCtPmsDbdSl1aYkLwmpgFyU6ZPq8Tjhzbao4bHpFUlI1ZpfloLhgChR3U3B_BNSlH5vQzbWjPuMogiqKjDBT9wVtlEenPV8Xbisz8w9ysMIDCVUlLKYLj11sx1Q84EXPBPj-zA1vI5HTExfyGOJfjPz-5NO-aFAp2A6JwZ1DxfwT8PNgYoAmlQXsQKh2BgnS9zBHDnb5OlynEqL6GC5pz_sIT9n0afpCpDGheKbEXz3aU6d3b608SQbEaL5xAYfoKVZ0hiswkdqpEfUQvzo3fe3np4ohoHcvvgvt5XhjA5pVhuaj3jKPN05U6gnQJYQLNJidQyVe4iLgut0dNqKMlC0Aqx3Y1fKLx4pes3EcOTfOZlwp8aImKK_TBg&sig=Cg0ArKJSzEiXqH0Kk5vTEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb2x1cy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=701&cbvp=2&dett=2&cstd=0&cisv=r20240215.49553&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:42:02 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 192F 0
0 103ms
101ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvMQqpbuFgonit886KyCaHSmUwv-EhE-U6ZfcD6CIauNc6T4O8GVg_AadgvnL4MI4vaxewuhhz4vJWRRbPkjU_q-T0cx1qgsx-vGoTp-88JqKUkT5gvf8b0dBwge-O0m1aUMiHjX4xBqOfwZrvGC5LkwIc8kiaFFmSqhR3kYcFlmMOjkyq4KqvgYNfUKYzwdzegqH7n0ej9Z14U0I55i4ATX7C9kF9rp0zheQK9UWZjSGu0lIJlccWhjfT5hc0NLjGU8VPHra_VaJsDzOUnl9wVES6mazPwPxKZ6rVjoS4d6MZzL3VbZwDWF6Y4MTU5AsxVwJlCqIt9rgvL2_fweA2MQ9zWhBaJg5yyPPoIelieTB00xV4-HoPvDLrhTluzWZ3_umtihLwNjcvuPALtPgFj0Jsc25pzjch4cYjnTvwVO1QLM9BI9B_isinRtO1n65cIZJ5tjUWuz_YgSUWr56H5d9D7GrGgXU7Guim4f1PQ6BUHcMSIbssFcoEyxeOjPI7oUgF-cDb168nhdoJqaot2X_66An8abjoXF9WkLZwOSXeAdY-7raM0nu2nQd5F66Qp5zhklpcPu9ppfSGNAY5h0fRgSHq3eCM4uMCmDzKTXp26agBbwlJ4I8DMI6Qvid1qvXbbwqLtY5D63zFiO0ABAYC1Hgi0_J05EmkyeBcwPHu_b0pzN8bAlCC8m0c21ZLPzlGN5N4QVoiJJwvABTYFfN6XbSkW_oMGM5Mp7hTw6vL_7x_41DEVfCoXS0SjxLqlpOpOasq3hDdDVCQ-HE3K2_3J-ABNANu_AUYX2egPdPKj-4tXCSgzEeGDoYaYg_Pa8yq9V45dtdJUs3tqrfEl5przMbZDOPP6gF1quhw8ikH6XYtQSaEvdaJJJZlTdMkwT4kNQF5lt_o7vGDBXK9Gg8ADnyK4DRncsdb1n4mLOiPs3VTEEI8-h9QUCLS09XTyjYgIGuGhzfW0pPV5_Tj91st-B5XnNJjadRN4d3soz4wVmtNCgHaFJmdd8CzC8h6BBu3_ir8631lcKDvBhQsa5yDgOhUXL6hWCs0voyZWJnjwVlATN-tSPt1YWjNmyfWftvm6HTDPfJnzTOPW8aghAWGbmXPW3oAL5gi1be0ii6cVwqY0NgeLQcz3Hcs__MlWDukQKPdcUOiphtZ4ffDYD7y3IpV1DKF8Z0WMBC7wxZKHSOibSgrkeWw-FndvLGlGUwpoYrL61I8yBdQIk3oxyNOtr6nNd87K8Zcz8N4byOa9HgbXN4SP-702uDPhBVn-DqnYQKTHxeTUAWxR6Xk8ZxaxKmOU3ObMh4RJRqTgu1CCycqd9xTRcJhQpWaknc-noLRmfyxl57JxzL6GGJxLczpn8H1Y4wS2vPKtPoInkC6LQfRP52MZY8AqIMPcQ269qspSkOJ_h4CigqSNlzV13LSU0WhKJ_f8oYgn3FRik5ynFgOEl7rEB5ZntPaSWcsuX5x-&sai=AMfl-YSs7zBCBn35CVO0lqVOeqbwVWnvl3Ne_bNBBzzHoNQamBtJwjMR-Fz8Q8U8xENvoRpDtLSrZGqh1JUhJZrBx94ITlULSucYXP9_zydmxU-_l4rOfSyQ9MmF_-Hbp962MIoPHiB38jwZx9-_eoBAM98gQQqxcZZ6-0Urw5OAXcIOn6zdEq-RmMwrYmn3rPON4tdAS1kmOQaMeFNpJEQRu_x-Aqm5atOSMphCveShapC4ZXpTwbtjR5rICBzW5oDpMtAqqFF36Djxxa-zyXcu3Wk0i3Ypzx-f_m-FbKO5ow_7tPx57ekKBK4zDH7ZF2qfy9T9Xk6Hs0RISk_3lPjF7l8s_6XdO0OaWxP79aKX-LEE6OxH9R8hHHXG2TzSHw-idpuAFveikrNtq20UJDTaYpNR7J2Ox5Zv-87NswqfU0HUx_OLJ63CtPhBWSeuJFb_8lilVtYNkiJKa_qXcTnMYe5Bh2xnsSwqWXt1i5Y0QiI8Lxnzgh4Ra-zFHgVar_-rNqESIlw&sig=Cg0ArKJSzBBfEf3QpBExEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb2x1cy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=688&cbvp=2&dett=2&cstd=1&cisv=r20240215.79626&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 20 Feb 2024 10:42:02 GMT

GET
H3 200 728x90_atlas_1.png
s0.2mdn.net/sadbundle/6969519633717796610/728x90/images/ Frame BBA3 751 KB
751 KB 69ms
64ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/images/728x90_atlas_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150808b487452e29592ee329de0e72b0afddd683d92ec87a9df2ed9d350219dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6969519633717796610/728x90/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:11:54 GMT
date: Thu, 15 Feb 2024 08:11:54 GMT
x-content-type-options: nosniff
age: 441008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 769221
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 18:57:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 2D0B 0
0 100ms
95ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvyQ5bMYwVEuD5mxtFwrDM79nWrDnvZut7RJiyhmIq-jW0g7hSLvGRgPqYTdSoyR1MfLQOutVgkcgDLPD5QWooPim4X8UgcBYYRVp9R2ZtJcno0-xOyNvRs3Z8ulkjMYaAQnOJkAWVRipwue-C-Jbg-XdSMbZtUUiSUMKAxwt7ovRGgp_0aEQ8sl2VCUOH713S5rDQyRko5H89bn8dwSKPqFYRYz5GQ036ldJzWiU7c415X518q8MJXs8rEnrt954Kay8ooLwC5AhPk0c0vyaXdMz3LheI52-HckPnV6mt96G_QPZgLVUUkmgztdh9qXOpc1gWG40-sACi6G7H0WNKR5ck50Rns_v-EfiMTG1oSYIF2CsIlouielwigqMZSNBz-RiljYo3WHXp2_k8EZREyLT5rF-4GDMrhvBbUu8Cl4V157Fe11IS2CWhFNmazFZwJHf-LiVUgEv1inWD_-_rdC0DjslNl4VDORuFLwJwpfQdmhddE2Sk9tF8Qv64Cy3qFITzjGGMgCXQ3hj7eBnPDpFW2DxKg1dZ0CdfIAUt2rumI-mOVLaEVC7tmnVb5SpTvy2DUAQx2v6E5OVNCHU_3GSeqvz0Mova-9lmcN0g5mLdKVrmWspmNQN5qCzaA5DjbcA7xk2NWaikAErtxr-rVtimVSQ3hjHMwEm9HCks1dElc8U_seYggOJYIIioxFI1QxBoyGgR9nudhU4SyLXaBDPAL8XkoxHOx_BU_njG6lMDsRYO7bxQT0-ogZMhBXYsWIoKGJEUKYQ5iBkK6YR4OECCRdenUL9I05azh66dBAN-jnEvixhrMtSIvpjvrt-9X6APD-b3Y4_9EFvsWJPcqhNbhlnJqTs1vCuhI63fna4yKYcqpg02qOfJbzTj7_fmbhtyrY2LAvUSE6huSqbruVaFZHEg8ININBZMniNI99FI84TmWtHlpwz_DAZv7DvOZ4MAb2mlPcKsuyy7Ud49PuHR_xeBcpxZ9yBfBtaA3cUVEP3hFqlQ2i-3k0r39EDePFrM2gxS7nfoFBt_FpCTOhDLtyumNWoHdPgzj7XblW52Kle4t8JIH9d0ypHxP2U_ajBmcrY4k6qLA7BrnqT8as1eOUvBVRF4gAKmvZtSD5a0TlIBWuazank7tbzDH10LeqgbVWm-lpDPhw6qh2mF55cYIEstYpuzGNlMXME2WQOdbI5EKEeimWBsCbhJBcMdRM9nBgq4tY_m4YedTstLQD-yGPAtymdgtt_x9w2qlcqYbBeu8UnlOXsy1yGSh1CzANovYz78RacFbaWYRkxSGQ6A0MuCvR12uZ7_3jah1cicB4SsCF5sFf719eopc1u1bSP6W5UhpBgyodkfFjbvMOJYxq7IF7WMMWC60KUrGWgI9hSeGsJVU7AbAbuWfd_Li3cI_vpU_GZGQF7uN0XCKG1O0SGd8-lTr0d27SSpgbSff6JkzDrUWlZk4L632-bKeVFyHT0apswa2hFeDiS7Bg1xmZ_fidZ8N8g&sai=AMfl-YS8kzkilyC5qcsmUKIZ0A30iga1uUVLtVZUY2qhNE5cKfkMXSVbZDhvEzv0LX_Fm33qxI5zvm-zQRno6F14fI7ofnckT_FYdubUvc_d_sI-Vk_n6sxLaJo-A6xh32SIXVTVeBnrIOZZk2Q77fv3SknxvltRKdps2cEuvVTrmCXIBGeo-Btv-nwg5Ka968f0TazKAIOElgEzj6r6m1tTok3S8atwVaUNGUzBIAGDMcKwVkNk09SjhnXCvc_QyKlMgL833T1b_GaavyLq6lX9h2IIxFCku2QwLwhGNf5bZgRYTXACPqh2YXSrQqCbL-RtAVenIKpTPO3UDc4P6um2t7O5rPiraoHMY1nswwP1gvkQTtWRKWqUqtuC1auqWnyrGisGzfhOuGRT6rN9O-rDk-Qyj5ZHvmgPpqnvur9s3vEps6gd5LiRbGlIgGRN2gaPQYPW0rQKWClyVWG3zb1q8EjeEmnJDLSQmNNV_a-O3sD7kl-GHcGJjyA5nxPa1wp314RtgCI&sig=Cg0ArKJSzKpsUk_JPpWZEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hc2FuYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=831&vt=11&dtpt=450&dett=3&cstd=376&cisv=r20240215.05328&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cu9.yalla-shoot-new.com
URL: https://cu9.yalla-shoot-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Feb 2024 10:42:02 GMT

GET
H2 200 %D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1 Show response
cu9.yalla-shoot-new.com/feeds/posts/summary/-/ 18 KB
5 KB 224ms
220ms XHR
text/javascript 2606:4700:3031::6815:6032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cu9.yalla-shoot-new.com/feeds/posts/summary/-/%D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1?alt=json&max-results=6&callback=jQuery36001733790707651035_1708425719931&_=1708425719932

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:6032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41f4061d85a930a37f21f95d4a775d21752cac9aebc7cc20f65da4fc7a8a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://cu9.yalla-shoot-new.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 08:45:09 GMT
server: cloudflare
etag: W/"78d121307b4dc59590b7211ea4766f9817b77ba2b1ebdd8573d99ff3e95cd2ba"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiRQjcMvsAmUqUOO523ijqwDkz0yb%2F2t%2B8Kh%2BaJTHA2zB1HxUn2wbNvTjKmRkjzNqbChmDf4x0JhFo08yW0BoW3OJRQa14ULBlH8eqyAj01%2B4LH0gn6upWBn51fqzY44V1GMXBkmFepvSRPYD%2B6yRNVK17mesQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 858623fc5ffc288c-MIA
expires: Tue, 20 Feb 2024 10:42:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 244ms
115ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3022b793b095174f794b68fb13a0be36f1996f53485b3e606fb3671768579a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12426
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C33D 0
20 B 137ms
136ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPQ6m-IHUZYGAEam-oPMP8NG66A8AAAAAOAHgBAI&bg=!JySlJGvNAAZN4L4YbeA7ADQBe5WfOCCQmcg_zZ23OQwd_rrW34CgkcEpNnjOGnBoQmlgwn1lBjNmr8agIuhd3VEpc5YFAgAAAa5SAAAABGgBBwoAVm0sbQlvSGnsK4Qmc8XQseyidSDK-qGmH5MQp0qWM2LyrGMjCYWwLlnnHdpwdTBWIxE7F1O3BqtpanSlpRkRJYQ75J4seltjzZm4jfxquY5zIbI81kg4mQMn7HYhHaoLk2O_MMAkMvnoy7hRO_s_uoKBQ_V_ofIxgZsRDDWZaaVBfOY2D-MkQljexuRTWO2T4GDh3cZk9oOqc7NMMJ6PCQORqPLh1F73hXfUcVaaqGX09hDd9JIzalj0YFGcSAPzkva7PFt4ctBN9lmYURVkpTRH17Exrk-qOHtaE-jrCeGSJvpVq9FlCYRuuMPfPkgmeSpq0_EH7vtKpcKT2mrpUWX_ZmqFFMb8AY02CqGnCNbFDDFDjl7EYDsUiqdjXw1_drvMtbeqG5bDRYl9rthHRdwdT2mcriUUzn6TaMY5qRxAb0bAvp5f7CaAmIHVG_lscPHg0c4g6U-53LN4FqMKU93-D1FZck8oR34e3PTh3QVeD5zZbRlelfXGGTyHJCzNxmV4cx1pGhKazsKVQZANJkJcbd_Zmt7lufNaKARsH0nd_LweORdyr6lJ4LyDATluGMxb6kXudwZtfp-e9aSBv8QY8dCzJW0hJO1-BqNXfvxQxTDOYJIliL6-FY3glAsA_KQxm_c_TGkM5oCqmZFYPfIu4osesPLzpuG8qEqMvFX0cTtt5dAP9V8yxpRkSLDZMVPp3Y_Jt_5rKfqGwxStlHY9WBdTwMJORqCucNqAogjl7zzFFEphTUOu7LiJmoOAoiDh97ZxHQKhksNfGayPMHDBn9YNtIB_vAvpHrF1ji3bl6x18egKemsBkEaJcnRzqesL9dSwJWb4iuINpoTZ1C1qzLSrKYYDJOyY8ldQBoSg3pAsXWys7kiZnYDcC672Z0r30MNVCzMG101LJ8G9zyqnQz9fw-jAlz24SqMbMGLEQGD6dYBpJHNW8e_iL1rsdHnxalzOyj8fTfWBCkxfroQpMqbzWCD3jLqxCxKJCh1NDn4oXE4tNuG9PBL9t_88em61-nY8LzSDSWUmRlYK5iEi1lFthMYzIj8dIr6rGtajhq4YFhdTf_pmafp17NXNJadppvYI1Slx84IPe7o3pVLujxgpYZZcFzyJUAvdsVDUovRG7gXkvXjIeApMa9asn8Jh5ZmjCMbDBW3bngN-G-8M5j-1On3uHBq25_k0SWQ2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cv.jpg=w72-h72-p-k-no-nu
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO2Fu9aG3IjI9GAC1UX_0AgoDHKcWfRuFJJrCVj0DHQ_0LvO7Lv5kD6CFu8EWrEvW1lts2n7tuNnRjpjKIixkGvR_fyd2_nflaDAJnZ5xw54M9j8xjSqh52soE6_014t0M7QzbnXuKrglgfYoW... 59 KB
59 KB 748ms
611ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO2Fu9aG3IjI9GAC1UX_0AgoDHKcWfRuFJJrCVj0DHQ_0LvO7Lv5kD6CFu8EWrEvW1lts2n7tuNnRjpjKIixkGvR_fyd2_nflaDAJnZ5xw54M9j8xjSqh52soE6_014t0M7QzbnXuKrglgfYoWJ9y24GJyX_xhAtsu3ce25BweZIRI8_4BT8WC34sN3fs/w552-h418-p-k-no-nu/cv.jpg=w72-h72-p-k-no-nu

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a05be5abc3c2c38d448d513a7576493aef695906a9c2179478d5101321ff4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: fife
etag: "ve62"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cv.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60793
x-xss-protection: 0
expires: Wed, 21 Feb 2024 10:42:03 GMT

GET
H3 200 yre.jpg=w72-h72-p-k-no-nu
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuqzG8qHi3yaxRUVQUnsyCZLLuO7gMiJn-U-DrjEsAAocMsNa6_cgVCghB7ub2lrwtA3BtOITVxD4kT8IOEjFiZNXZfAkKcw3ihzaV99LEKYGIET1SGCO2lWIVp2XxgtIyAfvcxll-zIDkmWid... 23 KB
23 KB 812ms
677ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuqzG8qHi3yaxRUVQUnsyCZLLuO7gMiJn-U-DrjEsAAocMsNa6_cgVCghB7ub2lrwtA3BtOITVxD4kT8IOEjFiZNXZfAkKcw3ihzaV99LEKYGIET1SGCO2lWIVp2XxgtIyAfvcxll-zIDkmWidZvP49L6aUv61Ka-2nCKkzLIK7sqjLxm89m7BY554bFk/w268-h198-p-k-no-nu/yre.jpg=w72-h72-p-k-no-nu

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

81198549e25b6d9a5fc3fd82e51978bc1d6a0489c0f2711ba6ec89309cd2b853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: fife
etag: "ve64"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="yre.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23984
x-xss-protection: 0
expires: Wed, 21 Feb 2024 10:42:03 GMT

GET
H3 200 1.jpg=w72-h72-p-k-no-nu
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5pK-VzLy_KdghRb4i0ncbNRwA8CyyrsCWpPCmX18xcfNJZwj-xJsNl8aId9lo6rTJ3BzaXijGMt2rWgpYkqP-BThBJnBk0gOiKEtLw-A6TAwORMOPLE_-8S46PJk6byBKiUJcSfMHIj9XOpJK... 15 KB
15 KB 782ms
647ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5pK-VzLy_KdghRb4i0ncbNRwA8CyyrsCWpPCmX18xcfNJZwj-xJsNl8aId9lo6rTJ3BzaXijGMt2rWgpYkqP-BThBJnBk0gOiKEtLw-A6TAwORMOPLE_-8S46PJk6byBKiUJcSfMHIj9XOpJKwdtrT7sWe8DECVMUnMhEAoVxITOwSA2u-RDvaVmK3K0/w268-h198-p-k-no-nu/1.jpg=w72-h72-p-k-no-nu

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e94db37c4b16077766e1e5de6fd73170d9aad8cf2c55f7e7344d21ebe29bc040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: fife
etag: "ve61"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15678
x-xss-protection: 0
expires: Wed, 21 Feb 2024 10:42:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACCF 0
20 B 209ms
207ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bp8yG-IHUZYKAEam-oPMP8NG66A8AAAAAOAHgBAI&bg=!TU6lTgHNAAZN4L4YbeA7ADQBe5WfOCsbMVJPa3_p9orgVTZHiGeDO8vDfq9an0RYQ7cohQoLzulxcv7YlAGLtfZ_M_RUAgAAAS1SAAAABWgBB5kDEU5WQLL7r6z2hmwLQQbUlfyg89XTvScv3hTGK7Vb59y_4lUwJWMUghkdGs2v3ebqecD4ZetxNzlMn8u5AXNkCXWVC9zfp8TVIdInrKeW0HQ2VeLnVdbdEzMeX0rE5NAzJ_T8ASCUzehx9CRRAtN2vIDX3bnocMUNmLhqrFPT4N2bWInuv8Z6UddOCVUmJh3GKfCi890dPqqy4bYKzWu9f03oDZKPasgqvquJcsSMrypY--h_XD3wduU-GHg8DO5_gW8-JyEun318A7VZDAASLBLuhs7oir6GeriBshNs9pKj4ZP37LLN_J5PoNfBZ7s4F3tj9sMYhwMn9ESiAiWRWxIECMe9O1UhnJ01w_QHtcGSXCp3zj0fcwa8FtipYul3jvCxY7WZ8N3L_3EJOcRO7YgsbMuDdNzFWoAMfb6L-mpimDExyj0cwHGQwOABo6z3gHPmZRhz8Z39nxH49Xjx--g8X6LNlcM6my4sYjOIdAtdf_Ze110OJh4nA5fBXcQ3gbTIYCe-H8WP3fbTfHXiG18FdFTvB6h4N7ldTkoRc_7Dr0seTE3ZeAFShiWjhTgeHCaQBTm9L4BLtPBQWeQZXq2Flbo4dl_4nboT0RAk8VITa1n3u98lypjNBZk6e-bPB0ZEE-2lkgT8SeisgzoIIXj30Pj-AlYCrdloD2j5J1CJJMl1joi4sa5CZD3cbDVfELoR97DlosQvWax7kbnbXrCT6zOkGlASpH8z6_3TL9lRPBTFJGkVh3enyaGN5QJJh0G87tVeS7TfEYETJH1JIS5VwivHBGdRct1Oi7Z4u6eZHU0NNP_PuaEevNZS-PgxkfqQUzNvZDYAh1leKT20Pt0q9b0fmKLuaY4Mnziq2rVWuxpJNW92DJXD9DhthV5NH8h5-OJBb8uEgibBO3CeE2K7TqVPvXcEweQi_nAp52VyMyxkSlWoQ3UwpkLkIPRKNvLh0co8d0P5htWJ8IHigwvTXr0XhMJxFATP4zKo347hERbGGHU5GnE-ddKGK865KoWscbmMNkWCpoQWNSeqsCkh

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABAD 0
20 B 209ms
205ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BT2dx-IHUZYOAEam-oPMP8NG66A8AAAAAOAHgBAI&bg=!EBOlE1zNAAZN4L4YbeA7ADQBe5WfOP_tK-Wyrs1KyMLL2RBJcDGjQbztjn4OLdO7oNKdG2nXJ2fEfufycwW6Vf8uaZv0AgAAAR9SAAAABGgBBwoAUrP4XBeSKgWmH07i1FBFA6kkC85J3fc0-hJomJmH4CyLB-u-KeZAC4KDoIEiUWx0BdU0jlZhR_eWutsCA7ski4Zx-ZQM_UyxjtbYd7uo1Imcri6ZAzJDPseWWXXpAtVNoMu8Kd2b_OpGyPkwjEH8YVZWUyKuRikt4pnqsgfgY7wxikOfoh7RdOBz_DgZwxBVAsWb_TvuwCF8pN99i4IN5awR04eV1ZdeFlG4-h0gtnYhh5OOz2OGqzgFr50zw9n1s_oYEATjnLorgtlv4Tf-IRiiu_Nb7d1EHtST0sEvELBW8LLQ_ZzsxtrTmExNLwvzLxlOL7zAF3FsBd24CCeNo_dgkd2O85YPHiFBpWjLzWE9mQBufclV4JER0EqZJqENPfU9vZ2pEMCV3Cuz1q63-jd8KTXSMDUQ5MBshAago8_slclfYv88ATH2hKmhPLKRqzsn75dWPEQAXWCt6kHEsb1JZtOQfDmfZlNq1-icknn9db2fUzfD0AlLAZv2TyNs4DC0l-7RcDIas7Vbq2Bgf5msKVFQfvGEb3nt86nwmDSKztn7qgoMQVwvRoWJYksQ9S9Qc5tK7a7Q6CTfz5YJ5TK8vlQ0cQohO7UnIjRQp-rPd4EDOTeBNc-0fm3t2gGpwItOYEruiYl5JTvdHq-nD9s3Ml1ecFTFfXOP2MECxBdcgZI2WsNFDif-IM5p4mU_9Xoa-dzm8xtVYnb_C54LiG6QyEu4RLTxWN362hMyEXbrkyv82obkJuBgyCLDevecx0vA4m3u8y9R5C0pLshNzOyriAcWytS1p9ITczf2blK2dwgBIxbYE0x75QpDPNpP1tZO9gdTiXPPIFE1sAnRjIJ3taA_YQqDR5Nv94AkdjtxkgtZho1Cnk6srAyOGKvvqQ0l7FjjV9P_Hz8PJjm0XpO6Snetiz4m8ggtyVQukBI3kSwX5ZJkPruGiyoxXzzHAThxSJW1stFlLXaeFVAVTbtGrPiivYX4K_QoHzf7UDl3tO6-dWWfjhzQQgME-z6r0HYMQDERehTfueZbunq7uAyrR-z2-_GVXHBimqP5bOSh7Mic7TJ1RCBP3qBYI4u5-RuAm1L5CYydCy5iUGyhP97CHH58-XkuSxwRiyDma4sN9zmbfyyjaiWCReb3Hu2vZKvtNKtixMzLG4MkeqqGqvuLZFpGM9pXv0v-ZZ8LRAYZokhdwv0v4Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 10:42:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E311 13 KB
5 KB 66ms
63ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 52391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 20:08:51 GMT
expires: Tue, 18 Feb 2025 20:08:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2DF0 829 B
996 B 90ms
88ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

abb89e4d88ba92fe78edfa5af28d6c2e21b9d9f98e79f6f90b4c8bf33ef7e966

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TayL-AImw9g-tk7uw7sC7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cu9.yalla-shoot-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TayL-AImw9g-tk7uw7sC7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 10:42:02 GMT
expires: Tue, 20 Feb 2024 10:42:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2DF0 0
0 132ms
132ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=2837033585240763&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame E311 39 KB
15 KB 68ms
68ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 20:08:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACAB 42 B
64 B 99ms
99ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEjv1TaVz9sS_SrSB2i0mzgb0C9WkGVYGw2YM07v59EEwLKC1Qni0FYuN-tFGKl8BVrzBTdWvDgAczsF0a5HjdZQkNZfkMJMQPzXpOgMhU8LiBk4oS_saVML43Eb3C_CL_my2KK-e_9f94scl9SlBXtGW-vMjKLtA&sai=AMfl-YS5PENl2P8ah-UpDG2CbB_PPvAbIsyipRqdGtAJZgGLQ_ijUtsS3R1IWRsPv7LUHCZ1z3cydIWFJDmriyp4V_SOD8-2mhnx94qks_buiN_gz4sJvRmVxs4j_DCrNc9v1_SPHC7035K2rcPEJdY36Q&sig=Cg0ArKJSzDW_KuO13TfhEAE&cid=CAQSTwAvHhf_sIAj1-7Clv8YuTotVsfcvd-OnmEGL-fFbpzmh-F4OT4o8z3JZuf1tTRpaSpAFA908ax0uj7-kXuAcJxLhcYgOqJlVCf0AFLPK8QYAQ&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2097946291&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=435852100&rst=1708425720181&rpt=1601&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E311 0
10 B 76ms
76ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f1XFLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D0B 42 B
64 B 100ms
99ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsss2gRmMMXFWZQZDBa8vIiNstOc3TBXcTFhpdYZbeIMtdDRbEQXqPYGOxpvgQTuiZUqd1MIHt11kHl7Tnpn02idDQhbvjIBhYTKHBxHedX7hnKVAicMrb3TLLFAFuAg5h4khsdOplHW74yJfw2tVyia2e6QvSjw560&sai=AMfl-YSEd5O-Dvan_jCcmv3BJDe6MsyyF_o8R7tcUvXFPnvAZEe-QWXvz_s03XQuJlX9LKpyQkupnWBeduxHcEYkDcCWU4gvLZ_9CsIzjHNzW1V2zJ0nUQlZBrA28623KuNKmXfBmV2YsFcd940mQMXW&sig=Cg0ArKJSzHw6rOtY9WwnEAE&cid=CAQSTgAvHhf_228A4kWsLWdPLAuRxrBSeJz3TVvb1JsEXaIb8niJSyHNsgXp12cj4mVEt0jIcVGWTewNuiSzBlhdR2lDQQbQI8iKvKzx8kODjxgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=821,1001,1001,1001,1001&tos=821,180,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=435852100&rst=1708425721399&rpt=609&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5EB 42 B
64 B 139ms
138ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmvinZhg7HAGNL4yBsrFC1RxCsGIitFnAK2HpNzgfnwKjKH1BTormXGj2RSBKB89L91FFf1wO-Gk0Pi9yTvpasNE7q4LSzEngegMdHf7LdEtyu_SSlu5nBfyMwDJcfxB4YEOp6tySnI0-n6QjRNo4s5LaXfrkc6WY&sai=AMfl-YTgCwKIracT_j3Ia9aSXSHNXrs9xQ_gKdqpuVaTAk6sHfqwD9PeW76BKw8bPHQyjblwrGd2AMovCaj61dd2r3qrWBbgkgPwyTnNbVPZg8zxtndglnplmGvNJqI9QbznckTbbrYgin_DdirClVTe&sig=Cg0ArKJSzABOd5K2QQaFEAE&cid=CAQSTgAvHhf_228A4kWsLWdPLAuRxrBSeJz3TVvb1JsEXaIb8niJSyHNsgXp12cj4mVEt0jIcVGWTewNuiSzBlhdR2lDQQbQI8iKvKzx8kODjxgB&id=lidar2&mcvt=1007&p=0,0,600,160&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=435852100&rst=1708425721324&rpt=587&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 192F 42 B
64 B 138ms
137ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIMes_RE_YVM_LAuelvnrvaW0UYHL4ddqyYcmSvf0Tx9E9N56LLo4-TTSI3EmjM1tGvU3CWiHbgPS6SJ2dpplH4j51KA3pM5fIzcfQ6tlGZHcp_l0_U2tV6Od7WJr3vcnQ79E5y2_Y8WM27t-ziNa22xnNufLr6Yw&sai=AMfl-YS3O8Hkeum3vDcYP1Vape_GX53V3KmSHrzYmoQ1ZQ3L_rppzwun3_3QzH9JV8cNxU9kzXnM6DbI-5buHHbbUxSPqFTQWKk36kee60lq0ykMIjCmkRWVDjHXOQqW3I3WrtAEwG5u6hoc3Jdr65-F&sig=Cg0ArKJSzPxQWeSg3DQkEAE&cid=CAQSTgAvHhf_228A4kWsLWdPLAuRxrBSeJz3TVvb1JsEXaIb8niJSyHNsgXp12cj4mVEt0jIcVGWTewNuiSzBlhdR2lDQQbQI8iKvKzx8kODjxgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=435852100&rst=1708425721361&rpt=559&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1.jpg=w72-h72-p-k-no-nu
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5pK-VzLy_KdghRb4i0ncbNRwA8CyyrsCWpPCmX18xcfNJZwj-xJsNl8aId9lo6rTJ3BzaXijGMt2rWgpYkqP-BThBJnBk0gOiKEtLw-A6TAwORMOPLE_-8S46PJk6byBKiUJcSfMHIj9XOpJK... 15 KB
15 KB 366ms
365ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e94db37c4b16077766e1e5de6fd73170d9aad8cf2c55f7e7344d21ebe29bc040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: fife
etag: "ve61"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15678
x-xss-protection: 0
expires: Wed, 21 Feb 2024 10:42:03 GMT

GET
H3 200 yre.jpg=w72-h72-p-k-no-nu
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuqzG8qHi3yaxRUVQUnsyCZLLuO7gMiJn-U-DrjEsAAocMsNa6_cgVCghB7ub2lrwtA3BtOITVxD4kT8IOEjFiZNXZfAkKcw3ihzaV99LEKYGIET1SGCO2lWIVp2XxgtIyAfvcxll-zIDkmWid... 23 KB
23 KB 338ms
338ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

81198549e25b6d9a5fc3fd82e51978bc1d6a0489c0f2711ba6ec89309cd2b853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: fife
etag: "ve64"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="yre.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23984
x-xss-protection: 0
expires: Wed, 21 Feb 2024 10:42:03 GMT

GET
H3 200 cv.jpg=w72-h72-p-k-no-nu
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO2Fu9aG3IjI9GAC1UX_0AgoDHKcWfRuFJJrCVj0DHQ_0LvO7Lv5kD6CFu8EWrEvW1lts2n7tuNnRjpjKIixkGvR_fyd2_nflaDAJnZ5xw54M9j8xjSqh52soE6_014t0M7QzbnXuKrglgfYoW... 59 KB
59 KB 356ms
355ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a05be5abc3c2c38d448d513a7576493aef695906a9c2179478d5101321ff4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 10:42:03 GMT
x-content-type-options: nosniff
server: fife
etag: "ve62"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cv.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60793
x-xss-protection: 0
expires: Wed, 21 Feb 2024 10:42:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 134ms
133ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=2837033585240763&bg=!_f6l_rHNAAZN4L4YbeA7ADQBe5WfOOvHXZ63zCi9APv3TOjgfid4ZSZ8vws2v14FpYI4ib3LGHN3BbkXpmqLWOJo97O0AgAAAJNSAAAABGgBB5kCyNfihxieqONlNWKTpfAi9hk_GDvzn64T2Y8e5yDqfv99NlOr8VD3KSsVHiAaS-LV972kh7ggKKuOqwBQHIx9-wBHbGs7Yvo-cEnfhTuW8Yf9AIwnHqaKzbYKZ3-BsyIxKsTzWjD1P9NK3mCrYOP27RJKGm4uGGDhMeq_KTvFQFP_z4WQpWIc_bVAq-k46tqIgUjBMoQFatWWpY71pTK_yk_Kh1ZDMakqgJ0OoYZ26rOaHkFHXiDYCLqUJNfxdmJCU1t7XUZe0uorzyUxKw1TK1VJIAvpJ-PCd-Fa1dxVTDEMlA98BOjokjNXVztO18C8233V29HhxpTnVxfbJqPBPDS0Y__tKVYqIaeUI_h2ce-6gMYKOs0KkJ_jb7sVqpXalCGzphXcd-1ufyyGXD2aGHMpv4LSirkctH1G2oPEvhsc8zzEZpZTAji9knIr0RSNOvMLy_qs4Zgngc9w2_rM2ZIlLmnL4BfQ1QwNZE3m3YHVUUUjJ8u9cMlfIoGTBUYElz48rb20taDGJKaRDdXmpE-GSP_NpZ9CevlAtNN8PtOjzCH-GWS5fnMLf4d_kCcm_TseLqjwiev1s48ghcFcCWZmMHKmLojfubaJvI_iMNxpwIn9iGhacBn0hEDRiKxg6FK62e7TFUlSJXLQ4bHD28D_IfC3qWnBTYXy0NDIh2MKPQOanqjodTf6rRm2z5F2XwoYP6qw5_VCbml4sx55T99Bn64lxPTAjhzRCoRP0uEdI31TL6_3cMzUlVphUoTQXHsps5HQKGq2jDOjTb0Gw33nUA-v1GTtK_sd5hT3EFgVzoYb_5zDmcCMsxIt0LaeVO514sJLURqGDVtyLBG62DjVpU_kF8vfj_VpyepLCUI_Pb9aaUBRn_iZR0dRaipGXnh4j6Frnhp2ijkJHboJ_t_LfgWpmIgIEHzQw2pC0b_JzkR7uKLzu5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cu9.yalla-shoot-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoot-new.com/	1970-01-21 04:09:45	Name: _ga Value: GA1.2.1918593651.1708425720
.yalla-shoot-new.com/	1970-01-20 18:35:12	Name: _gid Value: GA1.2.1914089141.1708425720
.yalla-shoot-new.com/	1970-01-20 18:33:45	Name: _gat_blogger Value: 1
.yalla-shoot-new.com/	1970-01-21 03:55:21	Name: __gads Value: ID=d177e5d9bf2eea28:T=1708425720:RT=1708425720:S=ALNI_MZTmr5DgAU804ezL90QV5iv09i71Q
.yalla-shoot-new.com/	1970-01-21 03:55:21	Name: __gpi Value: UID=00000dcb85483e73:T=1708425720:RT=1708425720:S=ALNI_Mb7hZI47emTlI8SgykQf3im9ziwkQ
.yalla-shoot-new.com/	1970-01-20 22:52:57	Name: __eoi Value: ID=1f85d48e52467229:T=1708425720:RT=1708425720:S=AA-Afjb9_ulx_z4GOQ9Rd3BQs9Uw
.doubleclick.net/	1970-01-21 04:09:45	Name: IDE Value: AHWqTUl0-5n45Ek1EvMUM5rRWLx8_Hti_xtzlaAuLuX2D8HMmWyby5GboOLG9H7C
.casalemedia.com/	1970-01-20 20:43:21	Name: CMPS Value: 1531
.adnxs.com/	1970-01-21 04:09:45	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:19:21	Name: CMID Value: ZdSB.cAoJMAAAHijADec6AAA
.casalemedia.com/	1970-01-20 20:43:21	Name: CMPRO Value: 1668
.adnxs.com/	1970-01-20 20:43:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImPMIBg=!@wnfH8K6pQK`!5=E<L5?%M30ep-K7S>?^/O%rbdHJFlcyY0i9NzQNZ30Wj%nugO%v4VB%nnkx7qQi
.adnxs.com/	1970-01-20 20:43:21	Name: XANDR_PANID Value: 4SMSRtK94tRbKzrvMemZwiHMMBf4Z4Ys6rSmWLO6Zofr9-xKfcWryDTBzWOeogrYVsTjEGtmuUGfsuyOE6OtS5Lu7z2SvIvCgdCyS5tcoSY.
.adnxs.com/	1970-01-20 20:43:21	Name: uuid2 Value: 8522227932538351350
.doubleclick.net/	1970-01-20 22:52:57	Name: receive-cookie-deprecation Value: 1
.googleadservices.com/	1970-01-20 20:43:21	Name: ar_debug Value: 1

106 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cu9.yalla-shoot-new.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
blogger.googleusercontent.com
cdn.statically.io
cm.g.doubleclick.net
cu9.yalla-shoot-new.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imgs.ysscores.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.65.198
142.251.40.130
142.251.40.162
172.64.151.101
2606:4700:20::ac43:4870
2606:4700:3031::6815:6032
2607:f8b0:4004:c08::9d
2607:f8b0:4006:806::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2004
2a04:4e42:400::347
68.67.160.75
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
1016fa16e2cf66770420f0046a289f7bcbc6845bfbdaf47b1e479b88fc1d5d3e
150808b487452e29592ee329de0e72b0afddd683d92ec87a9df2ed9d350219dd
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1bb1a1bbf667a25c97125130784745b47ee1c0608f213e9027dd52afd890afa0
1ca648524159035e01a1421b1b8ead66f0b3f88301789c8be3f0a86d7325b8cb
1e8c31fef3a893e517e698ba54fc9faa8e4ab508fd669498ec9b73606736f1e7
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
26e53576071252aee7ff421a25161d94e02f1f9f0513c5a7b895e8ca716107f3
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e62b98557326cd9dfe590ce0dcd5cce2eae900eb6b55b4b7c1b0653f6f1f99b
3022b793b095174f794b68fb13a0be36f1996f53485b3e606fb3671768579a15
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33478aefd7a497d9fefdca8283c39959104ea58d449fc8b05631f6dce1e0bea6
361ec8f707a75a998c63727f91b91ee86e4dfad224ef555bd525a4d352da44cb
38d41426b9db6fb5f4e067e558a50ae1d01bf093fb7dbc421c0d80c98866c05d
3a05be5abc3c2c38d448d513a7576493aef695906a9c2179478d5101321ff4ac
3dd435edc3fee9d5de3bfd982d3a01188a155a482fa0d5095a6aef14f8d64e22
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc56daa63f888c0ee8b9fc17ec65399d97f6e0df3b781fbef84b630e8a45b36
4f937bddf37574c563d3ecdc5e24079730c9b760c8b938625d401b46eec04a5b
4fd133baaaf2456073af1ed2ecebb17653db8c3aeb767a1ad5a5d328074624f3
55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5658b092cb3a9c0e674d3e429fb83dcd633686092ecdd3ce220cb61c775d84bd
59e7d1dea63534ba89dad444bc9cc03f74651088eb0ea0fd8ddc22350c4fd68b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644882d2696de1517d9ca5eac865c328b5595d28d90e68277804a1c94435f6b0
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
7721888cce4a8f749a55eb711591a5c24aa417f20e9e565b2db7b0dcfc0d3543
81198549e25b6d9a5fc3fd82e51978bc1d6a0489c0f2711ba6ec89309cd2b853
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
98ab2520a56e31a53f0f9d09a496199bf9817719874e0691e22e275d00b2762b
9a03d72e6354d838e89a7a328abe45040de7a45eb5eadbbf675899a817940373
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05bae9849f96d1956216480b5118d7efa485bbe5644ce482d6bb672135b8deb
abb89e4d88ba92fe78edfa5af28d6c2e21b9d9f98e79f6f90b4c8bf33ef7e966
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41f4061d85a930a37f21f95d4a775d21752cac9aebc7cc20f65da4fc7a8a3e8
b9862033a6148f9189447a61ae65696a471b0258e9d14a05c041b0ea0b54d92a
bbecca5356c298a759399e6a3b5631b4a0941c19b2b37064f5fc4eef2eb35ed2
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf72c1343fc185649a968122ba059a0221009db5c64299d56408b8a702903fa4
c74ca64fde6b73742f42d22bea45493bd98b3b5fb0b1fe7bc96ea58116377735
c810d287af0e3aa96559e44ab500544dcb1b6d969ea634f93ae2ca0a77ee539e
c848daad20ffd6daf6e2594fe146e91bb2f897bca7e4d0253cfd69fd32345afd
d5903b55800454ea6e7c783119814b6ea03ce7870d46bebd248b2ea17c9bf58c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13b2ad0e7ee0a581c47f0046c77cbb7c260776a75afa66b31ac34be7d4bf14d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e682b3ad684d79f6108138e9028dacd5ea730ace6bb2ec73f0630dd4ed30fd20
e849b4a7acbb87a8e9ba546e39d5757fb691f97193412deec5042504b8843961
e94db37c4b16077766e1e5de6fd73170d9aad8cf2c55f7e7344d21ebe29bc040
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f004c7725a1678eb9e9e4cb7354545b914d13bcdfbc0e8bdae8540483887371d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe429139039fcd1bd78d7cfc822af379eb8066939fbe113a7ed92ecaf4737abc
fe673bcbf429be4d509620936794281fd415cec9985daf846aa2f882843fe6b9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cu9.yalla-shoot-new.com Open in urlscan Pro 2606:4700:3031::6815:6032 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

90 %HTTPS

74 %IPv6

14 Domains

21 Subdomains

20 IPs

1 Countries

2905 kBTransfer

5708 kBSize

16 Cookies

1 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cu9.yalla-shoot-new.com Open in urlscan Pro
2606:4700:3031::6815:6032 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

90 %
HTTPS

74 %
IPv6

14
Domains

21
Subdomains

20
IPs

1
Countries

2905 kB
Transfer

5708 kB
Size

16
Cookies

136 HTTP transactions
4 data transactions