urlscan.io logo urlscan.io
SecurityTrails logo

hd.yalla-shoot.io Open in urlscan Pro
2606:4700:3033::6815:91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hd.yalla-shoot.io:2096/
Effective URL: https://hd.yalla-shoot.io:2096/m/
Submission: On April 01 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 11 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3033::6815:91, located in United States and belongs to CLOUDFLARENET, US. The main domain is hd.yalla-shoot.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 24th 2022. Valid for: a year.
This is the only time hd.yalla-shoot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    2606:4700:3033::6815:91 (United States)

ASN13335 (CLOUDFLARENET, US)
hd.yalla-shoot.io
21    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com
1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com
19    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
13    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
8    69.192.161.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-85.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
4    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
6    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
2    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
mcdp-chidc2.outbrain.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com
1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com
155 KB
23 yalla-shoot.io
hd.yalla-shoot.io
350 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
506 KB
12 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1235
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1521
odb.outbrain.com — Cisco Umbrella Rank: 1391
mcdp-chidc2.outbrain.com — Cisco Umbrella Rank: 6724
185 KB
10 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3714
log.outbrainimg.com — Cisco Umbrella Rank: 2058
images.outbrainimg.com — Cisco Umbrella Rank: 1899
63 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
145 KB
3 google.fr
adservice.google.fr — Cisco Umbrella Rank: 28668
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
38 KB
116 11
Domain Requested by
23 hd.yalla-shoot.io 1 redirects hd.yalla-shoot.io
21 securepubads.g.doubleclick.net hd.yalla-shoot.io
securepubads.g.doubleclick.net
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
www.googletagservices.com
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 log.outbrainimg.com widgets.outbrain.com
6 widgets.outbrain.com 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
4 www.googletagservices.com hd.yalla-shoot.io
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
4 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google.com tpc.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.fr securepubads.g.doubleclick.net
2 images.outbrainimg.com
2 mcdp-chidc2.outbrain.com widgets.outbrain.com
2 odb.outbrain.com widgets.outbrain.com
2 widget-pixels.outbrain.com 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
2 tcheck.outbrainimg.com widgets.outbrain.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 www.googletagmanager.com hd.yalla-shoot.io
116 21

This site contains links to these domains. Also see Links.

Domain
t.me
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-24 -
2023-03-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://hd.yalla-shoot.io:2096/m/
Frame ID: EA789688288AEDAC38104E5198C564CE
Requests: 46 HTTP requests in this frame

Frame: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55FBA14087E55824583C5C103E273664
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: B3899341F0FF5FF852047BA3041B7B3F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 94A9D829808AD4327B632C2AE4970B04
Requests: 9 HTTP requests in this frame

Frame: https://58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: EF60177AE5F94535BBBB9356D63B2099
Requests: 1 HTTP requests in this frame

Frame: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F3A9723F32B6E77F6A2F3314215682A0
Requests: 18 HTTP requests in this frame

Frame: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0AF017164D4ACF8C000F67EB754B48AD
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 830029F0BA0E5CD34891FE5E3DEC805A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F05DAC92CE48E439326D035A641212BF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C1526A9B3EE1D4F69C0846043691FFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 795C0266D36A579C86C39E80E481EC17
Requests: 2 HTTP requests in this frame

Frame: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F5F66236C170A9ED35D680A054FDAC7B
Requests: 15 HTTP requests in this frame

Frame: https://1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 94CC2ED20DAA2D1F709C373E445B6608
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53A97D607CB4EA7FE14AC1DC25122594
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D47E1D3ACE8013ADA54F170C283DAC5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم بث مباشر جوال

Page URL History Show full URLs

  1. https://hd.yalla-shoot.io:2096/ HTTP 301
    https://hd.yalla-shoot.io:2096/m/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Page Statistics

116
Requests

100 %
HTTPS

65 %
IPv6

11
Domains

21
Subdomains

18
IPs

2
Countries

1466 kB
Transfer

3384 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hd.yalla-shoot.io:2096/ HTTP 301
    https://hd.yalla-shoot.io:2096/m/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hd.yalla-shoot.io/m/
Redirect Chain
  • https://hd.yalla-shoot.io:2096/
  • https://hd.yalla-shoot.io:2096/m/
73 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hd.yalla-shoot.io:2096/m/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c03affc649943e002ff0ba6ddd2b26aa9f213e856899084afd68d969f559b1c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f52b0812b1639db-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 16:26:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://hd.yalla-shoot.io:2096/wp-json/>; rel="https://api.w.org/" <https://hd.yalla-shoot.io:2096/wp-json/wp/v2/pages/8972>; rel="alternate"; type="application/json" <https://hd.yalla-shoot.io:2096/?p=8972>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIOjNOdWi1FHtfcDTsIdR6%2F6wKAoEW%2FtsvYxzpCmdImD91AOqx75dMkdupDOUid5%2BLGIjWMPlzohIyD1gt2KSwKY0%2BWZvwcP3XFJto%2B2ZRphNX6DyKSkRXL5HXPGQiJzPzyhv5G2P%2BAtPZQDnFQJ1YXNOaK5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
HIT

Redirect headers

alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f52b080da8b39db-CDG
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 16:26:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://hd.yalla-shoot.io:2096/m/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KgdAgM%2BkuzaE1gKSSdMrYBJ9LPDwW7nfvzrqz8WNgyndtZzew62xm8HkqRG0z13kxmX5%2BWl4CGbBHNyzJXunovnk1tnIqM6FXVQB%2Bk4Ae7ORTL9w4t1ILSUq%2F%2F55FX5uRSGyq4u0GdVJd81bsx%2FVuPW2vNm"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
HIT
x-redirect-by
WordPress
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
79adad5c64102a32870604cd897b9dcd6d438430e220df237f131690c60439e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28182
x-xss-protection
0
server
sffe
etag
"1174 / 686 of 1000 / last-modified: 1648811202"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Apr 2022 16:26:58 GMT
logo.png
hd.yalla-shoot.io/wp-content/themes/YallaShoot1/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/img/logo.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 01 Jan 2022 19:02:44 GMT
server
cloudflare
etag
"61d0a554-fff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F8AUkUPn6F%2FceQ%2FJQ7B6qgxvxyv83bIKBOy02TD5Fndor38skNREVE8XB9xgw2Pm6QDpwPm2rTT1ZdGu0J6Yoq1eOc8YoVpR8PszJgU5T7pByBjAPYoVmg3S4eG2JaL0nKXLDCLB%2Bwbs5vmH0OwD6mo1oFT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0819ca13a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
4095
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-107335079-1
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da658b84eb4e66d946363d2deabe1bcebafd1e98656e6a99fe8c7eac7ab16143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38059
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 16:26:58 GMT
lazyload.js
hd.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/js/lazyload.js
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b49d4d31bafde40cecd2f1810924311d1c8e3809fbaaddc3a1578c3e18b34e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 02 Jan 2022 15:54:22 GMT
server
cloudflare
etag
W/"61d1caae-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSWgAXfkfS0%2FdzYSUWY%2Fi1XlvHYtmUty4IooM2vaYyoEagqoKVhVHt8vXuHEb8kjP4QkkV%2B2nfT76UhS7yA0SRvvy2GtA%2Fn52oxbSNU%2FM6UQuarHvZFunRWsDUe%2BczE8JZ5HjgkBwaC%2F8zbgVHw23vVclqtN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f52b0819ca63a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		401 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
hd.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer
https://hd.yalla-shoot.io:2096/m/
Origin
https://hd.yalla-shoot.io:2096
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 01 Jan 2022 19:02:44 GMT
server
cloudflare
etag
"61d0a554-e014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlVWze147FXEmdk1R0HiBAVULWzJ0dJWn4IeK%2BYOZ8kavV5YxSpoKLPuLy%2BAXj68dhN9pKU%2F2iMBYbze5uze8BCgPXYv2eTHDhFNwXtTnUI%2BGOzpX4AkiB%2BdL7%2F2nGxsFoGsfsF1Dlssp9tM%2Ff44xKISVXw5"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b081acca3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
57364
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Negm.png
hd.yalla-shoot.io/wp-content/uploads/2022/02/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/Negm.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712de98aea70fd50f8a5051da6c4dbcbe12fd921adac951f9a5b2c82e1a07038

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 11 Feb 2022 04:14:41 GMT
server
cloudflare
etag
"6205e2b1-45e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AItQW7iUVmVTNr%2Bwf%2FNzBFBFTUyzQDWorGUaXDG%2BBO4fb3hcOzm4Fv8QUGE93dOsNBzjGXhc%2BhX%2B2LBfJLQEdG4%2B6%2BwNqVFQ7PO4QOT5HwZmm63p%2FR4ZujXuu8CE0cois%2Fyq9GzAbna9OB1n7wVw%2FTphJJNc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d8c3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
17897
254go.png
hd.yalla-shoot.io/wp-content/uploads/2022/02/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/254go.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97db4c947e6df52d334c6723cf28fd3335e38f1b43a7ce447679d10731dc2a78

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 10 Feb 2022 22:18:58 GMT
server
cloudflare
etag
"62058f52-8fa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tdHsb5kGApobyMiXG%2FbN51sfra2fMk7GH1AyczCFs2vgMhcewbRRRy6N5kJ26f6u2gdCuIOW%2F1Yy698AvOM7%2FNA5WbAtiA83o0MMFEWtKyY%2B%2FsoFVXUPQ3xXc%2FSPIiWUEzFI0qm%2Bf4nynsboQ7N6BwjX91y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d8d3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
36776
Untitled-1-copy.png
hd.yalla-shoot.io/wp-content/uploads/2022/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/Untitled-1-copy.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c75caee5d21bd75b61c213c7ceffc41f0bd88567d67b89c73d978641622084

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 23 Feb 2022 05:57:39 GMT
server
cloudflare
etag
"6215ccd3-3017"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH%2BaYePAsAbs9d2uNMdTOrrARFVsl%2FxkEJM7lZ92n2J%2FjnHVrmEtOJ2s4q7Q3Hm2AgomAAi7RaAEv6aRwsZ2Rg6OvRQUGceuq8D5wjXIw4iUwHHMBiYopbQuMTSg1WYq7DdpbC4gGjGfE6pyicUJ%2F7UhdjnL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d8e3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
12311
rRKt7H02SHFAl5D5CL1WRg_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2022/02/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/rRKt7H02SHFAl5D5CL1WRg_96x96.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed61b0c8eaed22994f3dc723bd17919790296cba98502639008acc8143b3542

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 10 Feb 2022 22:35:18 GMT
server
cloudflare
etag
"62059326-24f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nQxej2vwNEn4R99mLO0ETbv%2FEOjjiP85P8VrwjrgCRItjXtTDfR0A0i2dabdU6SvluozNuiqunReAtZk3IApvmlg5a4eDe6cdz5TjSwnvDOquR14aMj0apeZQuWBgro%2F7hP1HbmaBoJduPI3%2BlOAlpxo3rQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d8f3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
9461
RDTXHVLGhO3Emt27QslOCw_96x96.png
hd.yalla-shoot.io/wp-content/uploads/2021/06/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/RDTXHVLGhO3Emt27QslOCw_96x96.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7f0db59ffd38f5af0009ee79fc9d28a6a1a58b1fad8a596a121317c8ba61e1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 16 Jun 2021 00:45:07 GMT
server
cloudflare
etag
"60c94993-24f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q25aTw9Ogt8mt7rpkFYye%2FyVb9tE1DTYBAoj0XTds%2FdC6GeyQkflxW1eDrrXiq%2BWq99thKoWlbegvgNpYFRyw%2BtMy%2FZNnQTrhgYWgtNQmluAs48ijXmkQznNz9%2BdDXCnvt%2BTv3FqFbxezducE8CNu9x7qTo6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d913a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
9462
g-d-sagrada-esperanca.png
hd.yalla-shoot.io/wp-content/uploads/2022/02/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/g-d-sagrada-esperanca.png
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eaf6cf2f3db9d900fe38f7d886ef6a83221337827c3876e5c8d44459a46af42

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 09 Feb 2022 08:38:43 GMT
server
cloudflare
etag
"62037d93-3bdd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUG8IzddWsz5RZ5W08SLu%2FoWrzoLuy%2BDKEjIFqSsv1eRDD5%2FePFjW8DnWAJuu8wOBDmlcJilFIGC4zF9imAHXRmeztUCeoCUuLXcW8qzq70tnBHjDI0FZhrWhSJPuBwnDTUtXmHzvKn3EL9OSBRiESNhPkRn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d993a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
15325
Al-Zamalek-Vs-G-D-Sagrada-Esperanca-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Al-Zamalek-Vs-G-D-Sagrada-Esperanca-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40203c29241e168562c1d92e637f1adc66bdc4b0b0119bd68f000e689e456376

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 01 Apr 2022 02:47:44 GMT
server
cloudflare
etag
"624667d0-35ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z69q7HQtJ82FHZn%2B4fab1DZngDYgDg7wdR8OlORIL7rIyIjD1i96KYnSdsKrbGaPXveftmfu4DPryXzW6H6aAE5LqRR6k%2B6s7MlNEQgw9o6TP1WLYQM%2FUis%2BgkenrHWuvoHNmO2jKxyex4535eQxQkzwwPky"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d9c3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13741
E-S-Sahel-Vs-Jwaneng-Galaxy-Fc-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/E-S-Sahel-Vs-Jwaneng-Galaxy-Fc-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a975f880ea9bba40ea13909e5d4eb1791854e9f9678d5706a983a4a9963f53

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 01 Apr 2022 02:41:39 GMT
server
cloudflare
etag
"62466663-3672"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmn3e79SF2T6gBLm4UIaeMVbKdshAKt%2Bhlf1i1qWp5Tb08dJh9lFx0yiGY8XNEx%2B3v1%2F1lPlm0IiLEK9JOeCWcBwUJQojwf%2FkSF5MU%2FsvK1iiCxkTV2u6nksn%2B%2BdXP%2FJZW06zBNcYTHVhK9Cl2R0tBdSEUzN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821d9e3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13938
Cameroon-Vs-Egypt-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/02/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/Cameroon-Vs-Egypt-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd020c53e1373b1e033b1243524450257e6416f0107a8d4ecb01ad10eaad57a8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 03 Feb 2022 05:16:38 GMT
server
cloudflare
etag
"61fb6536-354f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3XiLu3lyfpPm84NkYgsIfnSbCS1wXMwRGMw2AlwHUdjx%2FnPjRjDldNFh5g2z9BXegNADj43rimE0UiNY8kjm0zag%2FmU1nsQzae38sm3orMho0HD0hi8obFr1tikCkIS3399WkXghYP3Ph9VS%2FFkjU9lEfmC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821da03a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13647
Ecuador-Vs-Argentina-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Ecuador-Vs-Argentina-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081dee3ee9ad88eb47089388b97ec8beaf5c70123f7a8c0b078cff1564640337

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 29 Mar 2022 22:28:04 GMT
server
cloudflare
etag
"624387f4-34cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzVnXbIr6PMl8YZKMEMNpf%2BN0b54YZgMjCRl%2Ba0hod2rU%2FRFabVSa1wK%2FvGpGZuUT1%2Fm%2BelxBipIjHakBqLweGoqglqgnEO%2BTJS%2BrqcKlewfyJvTrwHGaGasn255XqXlySB3i%2FPMjG5x0GFWOFvXl7dGQXfN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821da53a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13517
Bolivia-Vs-Brazil-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Bolivia-Vs-Brazil-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbec82c60b193aec26dfa369ed71d311c4ce6c1450a48398802492780b9d2ce

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 29 Mar 2022 22:11:33 GMT
server
cloudflare
etag
"62438415-361c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Tj7WKiF2yjk98WcrnC8heOze7t4sZtcqhMKtmh98yH%2Bg7DoP5CzjTiWzmusfeGIMAZvbc9Myqtuf7dLVUG6B3WE0KzifkqIm%2FqoLVOttZAh%2FUYTRZtfTzxqhkL%2Fq%2BXj50MtL0C1aFcxlgkgGsufydYgOhjm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821da63a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13852
Algeria-Vs-Cameroon-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Algeria-Vs-Cameroon-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9b319439bf0fb22c1ac201477b4aa9f7ce51c2277e1a9bbf691b8614a1449a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 29 Mar 2022 19:06:36 GMT
server
cloudflare
etag
"624358bc-3515"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D4xIFLhUWVkc%2FzBp2x3e4iecR5LHYU3nhomq%2BlIc4Ngmt5zzR3dZxFWSgxq4e7mQEmFJPQ%2B7ZkdeIWsfHeVK3TgXFQNJJBrcGcSBkX0f%2FbLLbgXrNYu4RuDLFrOuM3Em2iQ9Zyl0aM%2BMoCFUuSMOuyrGrUa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821da93a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13589
tunisia-vs-mali-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/tunisia-vs-mali-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c14df85a189fdc472aefd7442933d67835f3c02e33ab385149d2c6cd3c892c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 29 Mar 2022 19:39:29 GMT
server
cloudflare
etag
"62436071-3575"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQUAr3M8ctPLMdikXypK9rWgcOx%2FDTH2DgXd0tvm2zE%2B0%2BpYXxc7qkRUDK6RpQXa9bWtCD5sELc%2FEnOchP2aFbIv99EO2s1H9EHrXhL9x104eFnm%2Fy0EnY8imxrmrBRvr7iB4SrciqSDGa9Wh%2BZXXLplFFhq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821dac3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13685
Morocco-Vs-Congo-Dr-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Morocco-Vs-Congo-Dr-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c32889347a252530ba3058de3b77eb6357daf06f558802d0c6cec14a2711d8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 29 Mar 2022 19:11:55 GMT
server
cloudflare
etag
"624359fb-34e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2FoekcO08LXbOIH2b%2F2Yjc0ajMDYYlC%2FsnW2zOvaFUpBLra90yh36kuHKtw6NIyJwBDne6xXwIug%2BusC3UbDl1Ph5RgGOcl6nbpyuFe60%2BdwScCcr%2FkRuqhOuYukyA1BvdKkWljpGiJFoJXoVH5yvCgj73m"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821dad3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13541
France-Vs-South-Africa-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/France-Vs-South-Africa-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235223ed91e5eaddb9f54750c0806b8af149f465c7609b2e18dece9a63b4aec9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Mar 2022 03:40:09 GMT
server
cloudflare
etag
"62412e19-35ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqnvI0LKmfqG3NpIyh0ZAThc%2B%2F%2BS0oonc7UqcldLYfqRpdpHN2tpvjzrxL%2B2dmH8ijnzbbmt9Rknz4eajHoVR6rYjVQ2FQdulSOX1%2FsBxoGdfLfm1Ak5r2tb6hIClei6YJRQvVbHXiPH1qn9Z8Tqyw%2B485uP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821daf3a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13741
England-Vs-Ivory-Coast-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/England-Vs-Ivory-Coast-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324b653b7625c836bcd1a510e27d070da459ec64ae7ec945a0b9c0d4479c830a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Mar 2022 03:36:25 GMT
server
cloudflare
etag
"62412d39-358b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APnvcsVZZED%2By0US3SHE0ICrbaBdGa17sJTLqLaF9Ay%2FGrfzxMiemxckMH1hrLShXJiXwQWrSeZ8yQrm8XizDRoei84MpKZpPRTsE26UX4qAURbg2G3k6MsEMIXqLBjuiFkB927rCWX1YIm3tDWm%2BUDMwaPL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821db13a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13707
Netherlands-Vs-Germany-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Netherlands-Vs-Germany-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f20c6b312535aefb2c9e052a92a0d944b8112ee1f3bdb4a8b06c3fa00f98b8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Mar 2022 03:30:32 GMT
server
cloudflare
etag
"62412bd8-3512"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ax%2FjZM4XPRsmDoKiT9SPnee5Hq3gU9kABBvPwFOqA33XrA3zqGRIAAY87UgyH2VM8bXGa7N3Nfjf1a5P0zIJ3IZzOnRRHLjoEBHLxXlGLo8afQrduG7nzxlG8N1iKCaIoWtxJPOnuL9sauAOjtSaAQJU8j4q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821db33a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
13586
Portugal-Vs-Fyr-Macedonia-300x157.jpg
hd.yalla-shoot.io/wp-content/uploads/2022/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/03/Portugal-Vs-Fyr-Macedonia-300x157.jpg
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747ac0bf3a64cbec3bcb5b5b541d1eb6eecd9f530c7e546687a8991c481b8d09

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/m/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Mar 2022 03:19:53 GMT
server
cloudflare
etag
"62412959-36c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPs8cjFEsdWJFzrczRfdlm6stt89zauFAVJDb6EpWMUb3lCR5zu5TeA1PIGDadfN%2FM2eApqnYtv8ZmrjRl%2BkwsUTht3fijMukZFa%2FYWb3TfD0SOo3IpoEiyP6kqs6OrsO8IevwZFYwEtQeK95xX77ByVCjg4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f52b0821db53a4d-CDG
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
14016
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 15:42:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		178 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hd.yalla-shoot.io%3A2096
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef3cd42ee43cad75a80a68212f6945c8ad7fb4dd4de5a27ebc0c36635531aa0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
expires
Fri, 01 Apr 2022 16:26:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1332
date
Fri, 01 Apr 2022 16:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Apr 2022 18:04:46 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=hd.yalla-shoot.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=936622068781627&correlator=1155464862836519&eid=44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=4290626634&sfv=1-0-38&ecs=20220401&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648830418501&lmt=1648830418&dlt=1648830418147&idt=303&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1951056231.1648830419&ga_sid=1648830419&ga_hid=1423147199&ga_fc=false&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4a05d75c1de06333d1894566d0a5e8b6a0e26866bbcd31f8f4a81093ed673e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11933
x-xss-protection
0
google-lineitem-id
5819237462
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368518484
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=936622068781627&correlator=1155464862836519&eid=44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=2&adks=3212919061&sfv=1-0-38&ecs=20220401&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648830418507&lmt=1648830418&dlt=1648830418147&idt=303&biw=1600&bih=1200&adxs=650&adys=110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=1951056231.1648830419&ga_sid=1648830419&ga_hid=1423147199&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d39aa0aebdb1e2df2ad33e83bbcee42df99764d4bc50e31fc269cceb1eff973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8996
x-xss-protection
0
google-lineitem-id
5816136471
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374459620
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=936622068781627&correlator=1155464862836519&eid=44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=3&adks=1242842709&sfv=1-0-38&ecs=20220401&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648830418512&lmt=1648830418&dlt=1648830418147&idt=303&biw=1600&bih=1200&adxs=436&adys=168&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=1951056231.1648830419&ga_sid=1648830419&ga_hid=1423147199&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
cc40ae071747cc744b33984bc4e327d818517e6808dd4c5e518af722447fac4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9026
x-xss-protection
0
google-lineitem-id
5817355590
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138369000082
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=936622068781627&correlator=1155464862836519&eid=44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=336x280%7C300x250&ifi=4&adks=1564947952&sfv=1-0-38&ecs=20220401&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648830418514&lmt=1648830418&dlt=1648830418147&idt=303&biw=1600&bih=1200&adxs=632&adys=621&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=1951056231.1648830419&ga_sid=1648830419&ga_hid=1423147199&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
beae98f422c458f41088c233ee00418c48fb96de401daabe9ee1c6b75df963b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8939
x-xss-protection
0
google-lineitem-id
5816136471
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374459605
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		405 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=936622068781627&correlator=1155464862836519&eid=44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=7047%3A22405246745%2Cnativefeedapl&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=5&adks=1751743422&sfv=1-0-38&ecs=20220401&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648830418516&lmt=1648830418&dlt=1648830418147&idt=303&biw=1600&bih=1200&adxs=300&adys=1944&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1024x0&msz=1000x0&fws=0&ohw=0&ga_vid=1951056231.1648830419&ga_sid=1648830419&ga_hid=1423147199&ga_fc=false&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
20e46457c8f8e5fd99bce265e0fbf3f08c729aa13c22d894a8dd21e570e77c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
217
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55FB 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:58 GMT
expires
Sat, 01 Apr 2023 16:26:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 17:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13258
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Mar 2023 17:59:43 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1423147199&t=pageview&_s=1&dl=https%3A%2F%2Fhd.yalla-shoot.io%2Fm%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1341105076&gjid=554675745&cid=1951056231.1648830419&tid=UA-107335079-1&_gid=1919040230.1648830419&_r=1&gtm=2ou3u0&z=748573508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.yalla-shoot.io:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 16:26:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
055f76c38762394ad0189351b2761c69422e03226740cad88fd48ad097fb7191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10718
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:26:59 GMT
css2
fonts.googleapis.com/ Frame B389 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:35:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 16:26:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 16:26:58 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame B389 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1729
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8226
x-xss-protection
0
server
cafe
etag
11792478805792993122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 15:58:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 94A9 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
79adad5c64102a32870604cd897b9dcd6d438430e220df237f131690c60439e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28182
x-xss-protection
0
server
sffe
etag
"1174 / 237 of 1000 / last-modified: 1648811202"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Apr 2022 16:26:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94A9 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: hd.yalla-shoot.io
URL: https://hd.yalla-shoot.io:2096/m/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:26:59 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ Frame 94A9 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 15:42:02 GMT
integrator.js
adservice.google.fr/adsid/ Frame 94A9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=hd.yalla-shoot.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 94A9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 94A9 		438 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3901657035599288&correlator=2337224581059738&eid=31066026%2C31061828&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=27560194%2Cadipolopassback%2Cdisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x768%7C480x320%7C320x480%7C768x1024&ifi=1&adks=3935086084&sfv=1-0-38&ecs=20220401&fsapi=false&sc=1&cookie=ID%3D19821c179ab663af-22a4ff146ccd0080%3AT%3D1648830418%3AS%3DALNI_Mas-pyF-nsdnxF4dGonCMKGhxi0iA&cdm=hd.yalla-shoot.io&abxe=1&dt=1648830419098&lmt=1648830419&dlt=1648830418869&idt=222&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=v5zhtdkz61uq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=2&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&top=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1951056231.1648830419&ga_sid=1648830419&ga_hid=1032339038&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c8024b2f32a2a9ff993ac927ca10873b82418de6ce5d2aa843b183bb5c2341b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.yalla-shoot.io:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF60 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:59 GMT
expires
Sat, 01 Apr 2023 16:26:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F3A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:58 GMT
expires
Sat, 01 Apr 2023 16:26:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 94A9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c0ffcb17c8c731a8619af9290e6039af7372669aeb1f360ad02ccd21727ba87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10731
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F3A9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 08:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 08:43:45 GMT
outbrain.js
widgets.outbrain.com/ Frame F3A9 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b7c5ba2099cfba673e9252aacecf40d865af1e7d6657a006307f078abc778ab

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 11:09:26 GMT
etag
"12-7Xd6pGNCemVp+53KtcvtqwjK2IA"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
10869c1a6bbc43889f6b11e2390849a2
timing-allow-origin
*, *
content-length
69504
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3A9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:26:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 94A9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:26:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F3A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiq1zsPA_tBon33jJzYoJbNSlh-pUm_T4p-pCayk2p-swMDwad47bkDigvB5V9COy3LXrKD927mH92WRAWhDdSAkhWhrwcdzzG8hjK33NQWcQMG7wEKXvs1C7uPevKZF1tBFRE6DlcYQqAkO--gZ8acDREDD7ASpob-hSihJN6yA48rLVcGD1bCcZAUnrs9d7hUkT2zQzF1hmHth38RPx9gt7x1aZTbegP4deeWzAgbV2FbdfY8WdnpE8FQg4YLvyndx5IYwwlPocmjvrzVTBvYTw3rDSv_f-7FpNTPfJgTiKfQFFVAAeGT-Zay65dnqA&sai=AMfl-YRcs4rmsVWPPVmdH4kfZmw1u1FlGSO0_mS4hmt_Lict3PQv5Z1m7vunr5Z5cm-sF2OhkfZ_dOe_GdSKy0MR45w6jfb98gkk1_l-iZye16WzOA-9Wwx8vqjAllcFrZ8&sig=Cg0ArKJSzMFR2SquHLJpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame F3A9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2db1a0f9843bc872b5e9c43c3df015f83283828be77ab58729e96c467724b243

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
NjNhZDZhNTBhNDQ3ZDc5MTFkMmE0NDU2MTdmNmFjNGYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ Frame F3A9 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/NjNhZDZhNTBhNDQ3ZDc5MTFkMmE0NDU2MTdmNmFjNGYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 16:26:59 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
69ca4efd4b2c5ea5cdd14d0f585ebd98
Content-Length
16
Expires
Sat, 02 Apr 2022 04:26:59 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame F3A9 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.135824429212905
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 01 May 2022 16:26:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F3A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAy7JeszeM5DOAibS0BCv-FQ7YzjcLrn3fClEDWgey8YDXk9pH5B1PFheVfBxPpaKaxDyaBDpBC4fbJN861eZ80WaDI9XWy1Fno7nRjUCRZMdvXrTWlOSImSx5BYy5ekN6lsODJYBAKbWk6MnhPtg_4EYj0ES3yXz1-LOioYK4kLrSPmed8nkJRyZtDv8l7HzvZ75SCiqafelWGwWoBIl6Gu7NwWkocYv-aC1xopIAOJNU71DAggm1eJ4Bl5m_86WOP65Te5XMugpq1zQNs8tZynOE1mG37nMquPgMLH_67NWrx1C6E6xjrNjHzwO9IJlSKQ&sai=AMfl-YRbaiejkZBBL1tm92vR4mizMeqWuRPXb6BKFQUl-KURIgepcsUBifrD-x0IksUqWdmZmmn1tqNVuSTHTVo-4-1bxnolrxciB4NjF7ZcpJHpNNufgBpHTOcyD4a26gs&sig=Cg0ArKJSzL2JvG_uAt5TEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Apr 2022 16:26:59 GMT
container.html
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AF0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:58 GMT
expires
Sat, 01 Apr 2023 16:26:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0AF0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 08:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 08:43:45 GMT
outbrain.js
widgets.outbrain.com/ Frame 0AF0 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
570f313bd1609d2b152f4d6f2b8602eb513075e17f5d96357fc5158eacb72ac4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 11:09:26 GMT
etag
"12-7Xd6pGNCemVp+53KtcvtqwjK2IA"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
d7c1a46860db90516312315ef512ff54
timing-allow-origin
*, *
content-length
69504
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0AF0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:26:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8300 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
8908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 13:58:31 GMT
expires
Sat, 01 Apr 2023 13:58:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F05D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
43c6e21064be258f594fb6cebe7721470437bb266d04b62c7ca34d3451831856
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jsTN9C5mk1PWnvsQCknSpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-jsTN9C5mk1PWnvsQCknSpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:59 GMT
expires
Fri, 01 Apr 2022 16:26:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C15 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
8908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 13:58:31 GMT
expires
Sat, 01 Apr 2023 13:58:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 795C 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
024012c1535932b3154b53f4a73115c22d4be57aac99bf3ededea99ecf03dec7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JfSgua/eVeERgTX7pEKpkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-JfSgua/eVeERgTX7pEKpkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:59 GMT
expires
Fri, 01 Apr 2022 16:26:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 0AF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK5KnnKTOAOa3e2alvOxukcQZ8O45jSaZjjHPT7tvmBrXRwFi1tGWHOvBzocaoHWIJL4SIuFx6KIyTIkVdr7OtcVm8KGR4eU5O4tUyVsIwEnocSKpkqbcOEZmDpmBeylaHsTxioaL4gTQhm_C4DfKrBrikFCYIj0sYBVyhIZw2BjYnbN3cYLWZPEtm_wBXr5kpkvBtzDXaDIt0kfpMhvHElu_lsD07t3Kx4zExxqddwA8EnfiSxsy0kiQm7Ni8VDbjxVFD5kkcmD70cxAnekd3Qzb1XsYFxMLLBha1vZ2B3Xg7-TFLmk5Kaa0LqHftS-Em&sai=AMfl-YSucBv8QKJPkysrsGD6u6P5WpR6usI5OB6pq0D9Hs8932rXigbyJ30GyGCoe2wHeNv2zcpoi1LybjnhAB15dLqhDrGZoEUIxckZyuM11w&sig=Cg0ArKJSzPBW3Q1YQQ8iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
NjNhZDZhNTBhNDQ3ZDc5MTFkMmE0NDU2MTdmNmFjNGYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ Frame 0AF0 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/NjNhZDZhNTBhNDQ3ZDc5MTFkMmE0NDU2MTdmNmFjNGYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 16:26:59 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
bb2837732f3e35501e09e47e57ea5562
Content-Length
16
Expires
Sat, 02 Apr 2022 04:26:59 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 0AF0 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=4.561832540230415
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 01 May 2022 16:26:59 GMT
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame 8300 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:58:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
34104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 06:58:35 GMT
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame 5C15 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:58:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
34104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 06:58:35 GMT
truncated
/ Frame 0AF0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03b67d7a407ab1993369f0bb65cfe61fd1a230af4337dd9e446f02f836aebaaa

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame F05D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=936622068781627&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 0AF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui8hkoOY8C9ZjCYKab0IVXVqDBcDnxhLo_KP9YlTb_p1NQmUWdnzchXfb03yo9KbUHfiLq-DRiSogpjNI2fFhwPqGdWRB7VGbFXg3PzsjwIkfZHegOwYIys0QJP9yYpzook_W8r7iBrDSgUrJOXc0iyrTES2S4HFViqEFkuoSYLvwnf2PN9uRc2hxb7u1WUUspDKriqwVkxwnne-eKaA603_HDNzs4SHZfjD1jGcGjJg9GzXRdy97_9UdoYiOiNw4R-EgBXmHLHvw0fQ8buoc4LC0TIzvDqSScQmTbEl7_mAhSvAGVG4a_w14gKYlRD0FJOUM&sai=AMfl-YTQ6p8Jy-Ja3ZRqS2_KiD1OLVypqhpwnsPZB_6lPe3ELHnX5cC1mkP-P0oCI-Srq-vLY9YE6CrSy58x3e7-IVCDGDc-NWy3-6gQLSTvgg&sig=Cg0ArKJSzHOrms18ONSrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:26:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Apr 2022 16:26:59 GMT
platforms
odb.outbrain.com/utils/ Frame F3A9 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&idx=0&rand=89988&key=ADIPO26N995I7C97HCI1JF7FG&widgetJSId=AR_10&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&darkMode=false&settings=true&recs=true&version=2000655&sig=X5zWpPqv&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ref=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&ogn=https%3A%2F%2F63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39c1b198e706308c036ff270903633b239d1ef042a3b9122e72394ea3be2cbd8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-timer
S1648830420.767460,VS0,VE165
accept-ranges
bytes
x-served-by
cache-mdw17320-MDW, cache-hhn4059-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
0f3789c755363d3cb9e4dfdbce64817e
content-encoding
gzip
content-length
6674
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 795C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=3901657035599288&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8300 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3FGkAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5C15 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g0XdtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
platforms
odb.outbrain.com/utils/ Frame 0AF0 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2Fm%2F&idx=0&rand=2758&key=ADIPO26N995I7C97HCI1JF7FG&widgetJSId=AR_10&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&darkMode=false&settings=true&recs=true&version=2000655&sig=56s4BHiM&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ref=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&ogn=https%3A%2F%2F63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5479b62d38679f3d4f4ce693c0b269a8ecd0fe1d0867093e8a5dcaf5df6e2a44

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-timer
S1648830420.076639,VS0,VE238
accept-ranges
bytes
x-served-by
cache-mdw17362-MDW, cache-hhn4059-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
51cf0386b792b2db96e991c8c59da705
content-encoding
gzip
content-length
6546
expires
Thu, 01 Jan 1970 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame F3A9 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1648830419873&sessionId=7f958bf9-6d4a-92a8-11db-297943fd6ede&url=63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=491
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 16:27:00 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
022d704f4ae7adb51e677805893e4510
Content-Length
4
Expires
0
container.html
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F5F6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:26:58 GMT
expires
Sat, 01 Apr 2023 16:26:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F5F6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 08:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 08:43:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F5F6 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
79adad5c64102a32870604cd897b9dcd6d438430e220df237f131690c60439e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28182
x-xss-protection
0
server
sffe
etag
"1174 / 869 of 1000 / last-modified: 1648811202"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Apr 2022 16:26:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F5F6 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:26:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F5F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUKespcDhGVStVSlVicXGK2RxrWqQ-ecujR1bXui5aWH4cvRiI3QOa7y43CR9_cgBgDCp2A6Er4tpaOWU_k2IUbXJNmwXT8OjpKEWbdOMji4mmEwQAUithkXgqedgCjWrf2nzKqh3DpjIrdAEbqYCOm9c_0l5X265TIXwYGtw9odP5BsdwiTYLbyeoeOycuz7XSYJSzsozxhbs7v3QGsQOAr5BzVWqS_YSkYjzuQOAaK2bPum9x87hoWJR-BXzue-qa1uB9PBHMufTTwsBG26hrH5015HhlJMPTDBR9PstQot89IVgcjd79Sn6jnpxm80&sai=AMfl-YSzJeols-BXbLLIgTCGii-Fp-nr-BOIOB3f5IOAPd0LtjdHp3LEt03cVy20cnB8hwRcIIxM2jsq3f9jNuAo7U7_aSyI3PfGt2_ZTc8Lhaf6dGFoQQ9NJSgBnx2FG6I&sig=Cg0ArKJSzB_NbOL3iDa0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
URL: https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:27:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 0AF0 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1648830420019&sessionId=94acb011-b05a-c82f-e085-47bd1936c3ee&url=63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=477
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 16:27:00 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6436419e0135c814eb618376e9a6cd3f
Content-Length
4
Expires
0
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ Frame F5F6 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 15:42:02 GMT
truncated
/ Frame F5F6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78332ab5d7e68e365c8e0244e190bef20a2945e2475fd281700f38e2422e8734

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.fr/adsid/ Frame F5F6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F5F6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F5F6 		334 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4207763707808341&correlator=1409080264060599&eid=31064835%2C31061828&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=27560194%2Cadipolopassback%2Cdisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C320x50%7C300x250%7C300x600&ifi=1&adks=3423123148&sfv=1-0-38&ecs=20220401&fsapi=false&sc=1&cdm=63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com&abxe=1&dt=1648830420096&lmt=1614716223&dlt=1648830419965&idt=117&biw=-12245933&bih=-12245933&isw=320&ish=50&adxs=0&adys=0&ucis=bpwh3qhpyw8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2F63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&top=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=348731327.1648830420&ga_sid=1648830420&ga_hid=190093989&ga_fc=false&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c1275b4ff6a2d1159eced4cbbeaa216af03ffa7af1da9cf3c9100509772c38cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 94CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:27:00 GMT
expires
Sat, 01 Apr 2023 16:27:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame F3A9 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
last-modified
Wed, 30 Mar 2022 13:33:34 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1648648313.273982"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Sun, 01 May 2022 16:27:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F3A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
last-modified
Wed, 30 Mar 2022 13:33:34 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1648648295.971679"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 01 May 2022 16:27:00 GMT
l
mcdp-chidc2.outbrain.com/ Frame F3A9 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=1b8dfb7bc8ff9c5af2946283339d0948_119225_1648830419876&tm=727&eT=0&widgetWidth=300&widgetHeight=250&widgetX=0&widgetY=0&wRV=2000655&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=410&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
gzip
X-TraceId
fa267855feaf87fca8bf1b18690ab598
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjEwM2RhNjI4ZDQyNmIyZjA4NGRiYzNhYjY2YzdhZTBiYjAyMmY0OGYyZDI1ZjA1MWQyZDI3M2FkNTNjYzQxZjIiLCJ3IjozMDAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame F3A9 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEwM2RhNjI4ZDQyNmIyZjA4NGRiYzNhYjY2YzdhZTBiYjAyMmY0OGYyZDI1ZjA1MWQyZDI3M2FkNTNjYzQxZjIiLCJ3IjozMDAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ecd3dfe7ccaad48e96e258fcbd3e9958b9554d0fad5d244bb7415ad4d110b852

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
cache-control
max-age=1092288
last-modified
Mon, 07 Feb 2022 19:26:01 GMT
x-traceid
aa75120e8ca670181dff29e372d66e06
timing-allow-origin
*
content-length
16860
content-type
image/webp
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame F3A9 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1b8dfb7bc8ff9c5af2946283339d0948&pvId=1b8dfb7bc8ff9c5af2946283339d0948&sid=8535478&pid=119225&idx=0&wId=151&pad=1&org=0&tm=736&eT=3&cnsnt=no_consent&wRV=2000655&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 16:27:00 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d1d12f6691f79157cf0cc7937218a9f8
Content-Length
4
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame F5F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfROxGLFmbUJX3jaLaLnTIbxgOFhmRhKFVb7GXOphlSMMGNsuNRzfbm9Xo1fTOkBii8LCmURwDy66vaw_6fAZt2ad6HV_is4JN9P4aUyGSJuyW652MKdpcvDhrZPTlpwJqvzmoE_bWlkJhJVJJB9qsuQ-79alyba5XyJFhsZyZYy3BEFFDkf1AZamC1eP-Llc5cZ-eWOkJpAHGrygjjrQW5sq5sm52Mcu40OyTlhoZOliXhqtQGMKkqLOxDeppq_dh6I5qsoQyCQtIaMgtkFBd5jmXf1C9rYqTMYdxJfJbwxCwhokJ2ZwXm1_HCJep_Kj3pQ&sai=AMfl-YRkfl-xmyRLrq6ipOC4v0i5bGsa_D3261sGzglpWeqiNi7yBgcDp1MKpTezthfVSeQWqTwd9k1nlf4wESXBEqo0EPY_Ja966nIkdTWXWJg-wjW546BowO05JSCxB-g&sig=Cg0ArKJSzFBPbVjewh7MEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:27:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Apr 2022 16:27:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F5F6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a379c707a0c47d8baafd2e9827dacb1b26f2c325657ef16980752a4ba84ce16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10766
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F5F6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:27:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 53A9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
8909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 13:58:31 GMT
expires
Sat, 01 Apr 2023 13:58:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2D47 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6b5f77b6829048872afa3ce790d477656d3c2a5408dc11393665c04658ef6779
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7zJ96JdHV/z59fVysz37HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-7zJ96JdHV/z59fVysz37HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 16:27:00 GMT
expires
Fri, 01 Apr 2022 16:27:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame 53A9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:58:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
34105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 06:58:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=936622068781627&bg=!-vml-b3NAAZku-1yRLs7ACkAdvg8WtwxN64kezeFQklClOBRPaLsZajMeI8uMtwQgpRNk_F2NiHxZwIAAADlUgAAAAJoAQeZAsjg1DX42kzftCAKqzOOInjYxeaYuWnJPnAiHcvMlklUsFJDY97WB5gnDegCfaEQHJPbKcTCxyE7fbTb1-OY3_fXad1g-0uBDNtVIUxEqBQZEacNevjXfKxn9K2XInFq6tV2EW0O8TcwDYFMCugMBbfmrgZ12ZrQ8BZZZeCtREtfH5Sie14qR9qd9G--2qTpa-L4KEgnixvuviBYcr0fZ-5nzgJwfLa61Dc2exHlr9AyGX___vDiP95QGFy8HaWfgNMn1FLbzWeak4j7k7tbk9iun2UhF5z58ya-WK2v1Yjzwd6VX0CTwY2gYH7Chw6ZG0sGJRhWQ8rnEAl1ykQIX5QlASYPLmNIinC36MgDyEcvwkyaDZrETs15q5VW0iMC1PIVGXqT2B4X4eW5hAXuB9YMdV6TCDaurBD4mSIwVUdzCL7j3JBgIvq62FSXx6cg09PrtibiVKhlZQj4pTTPxAZBp3jzAtJO1XIiF43WZs2XYBTe61fFMkyDu7aStI-nY31jn2DFGO5nHZU0WSIfv44lRnlakb2Ixj62yB_inDJf1CmNykgGEXVvW3UTdNJP3zABhoJLlcf4_eIqZ3ozIgtQpdoN9R9i4qolKXnw-k2YUWHHRN1Ro69lqlsBMW0xxV4FjXzGTKDzWN7bAaKc5EN6s-ohQspvkWYo2tpMOLfQuJ_-Qg_kixYxIJ-ykvCZPadwEr80AKEzS2hMYa1BnJ3xsQCdM1wSsmVeOn6okTxPYL-E5IzWCJ175mfxT2PKeH6lP5F0ayJtKfEc0dUUDCupX-JhHWzTeI6yqIr1E5RhoG7bQAdbjbApR6NVZa51aUPTAGz6m_n9k1act7HfS2m14nbn2XhcQPr9YfCXlw0KTGz4ckY2VHbnHW1--C7awkDguBh_Qpu5WJa5BGLcW9IvSOChLqqrHqbFmOMF9VnWSkEUGns8gZ-W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame 0AF0 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
last-modified
Wed, 30 Mar 2022 13:33:34 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1648648313.273982"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Sun, 01 May 2022 16:27:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 0AF0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
last-modified
Wed, 30 Mar 2022 13:33:34 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1648648295.971679"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 01 May 2022 16:27:00 GMT
l
mcdp-chidc2.outbrain.com/ Frame 0AF0 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=7c93a283937306f044bd8317c516f3ff_119225_1648830420223&tm=810&eT=0&widgetWidth=300&widgetHeight=250&widgetX=0&widgetY=0&wRV=2000655&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=507&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 01 Apr 2022 16:27:00 GMT
content-encoding
gzip
X-TraceId
f5d98f8ffc92d5f8b0fe9a38851e6bd4
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94A9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=3901657035599288&bg=!6uml6a3NAAZku-1yRLs7ACkAdvg8Wq4DNdBZiUDjm2kFMh3BWeGmkyWV2PKv2vqGwIRl9srS1obZxgIAAAC9UgAAAAloAQeZAxqiNJTXqZ1LHSxNKAJKuWS15v5sP-jRvNL-DLeKAXk89r8ph3IcwrwSjzssSH0uUnD-dycFHZAu9c87H5NquxLlZQUL7kDgsMpziLIZgq7e45uX8WMAtv-SW8HxHiHBw0WswFBVYt_ee91WYXL4ol3XLkLVF-a4P5vmpTTwa28edYKToUgGpmCD2-4R9xcKs4-vy2YgvYKFHQFp10uui0lpiET8msHHywkHxd8YRMniES9bpO5GHigZ4Ll3Kmtp_bEwzaBNUH-F9gZ4nezz0e8DIew09JP4iqfZGaRXgakzFa12WmF15Rs0ZBeKTuwkkIwPXTBWL_lm_SOUMkr-X4HsoxlxDeL7tz4iJDBjh0a5a5k1Q_LmJSbfkFRvLvDwSJUZqKJFlKvWZhId4ImKwdumMMLw2SSNgK-SH5MrfewuAnbCIC4sVN9PV4MlO0JL2gkXtaZBOQX_WuxFmEsdSW1UuhyoHanHhTzfeFvEqnSGD3m3V9vB5MPBXYNf5Ls1_J_VZnsWYh2e4fo9CRjJKCfVOPxZd6q87ti_jOyV1aFPt72VLHoml9i9CgbDxHBRa84gCDCyYvE9mmQmTTXzahOpgR9B-eqQfXD3Tk8DoGpNoukoQwhgP5ruRRZDBA8ngZcXlGKo_C99GgjrGfCrVBfNYWYO6S7cw_7l-SyIls5pf38858fLdyaXrwZccH1lPX7iQizTMtJOYZqTv9Qw0pue02HsJJKBdjuVjk_mu0_3ocSiAO72F3p7sqIt26fSISUE8lGr_5jbRj7NwZCnX_o8smMPN9K1IVMQeWrSybpxFhGJ3WG9jQgiv4wIdf9Si32Ge3NM83heYEXUg2OUiQ18kqca3poO72vpg7Hw-lE8yxsCEZDPqPAUM2Y-hHwjUhY1QVap0QU-2uG_4j6xdvTKrOgD1S-tDZcDInqa1CsRO30U3zpD49n6hySa4lcdz8IvPkOQCW-iBushyHHlxr7qq7Qgmo6C9ysikBFAiuZ0WiihhT0OXsvw9bQRFJNNgZK9fvSDcEjw_HKZnQDjiWq1ep54PHB8zv1nzA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hd.yalla-shoot.io:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 16:27:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eyJpdSI6ImI2Y2Y5ODBhN2ZkZTIxODYxN2E2ZjE2NmZjYzI4ODAwMTVmZTkxNGU0MzA3NWUwOGRlZDQ4MzYxM2UwNTk0ZGIiLCJ3IjozMDAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 0AF0 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI2Y2Y5ODBhN2ZkZTIxODYxN2E2ZjE2NmZjYzI4ODAwMTVmZTkxNGU0MzA3NWUwOGRlZDQ4MzYxM2UwNTk0ZGIiLCJ3IjozMDAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
772167e1655b23503c68cd1d9786defb6fae68b5f830bcb6d5b8caae274f3fe1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
cache-control
max-age=2216262
last-modified
Tue, 22 Mar 2022 09:19:18 GMT
x-traceid
4f04bf70b2e2459b600ca5a535de7ce8
timing-allow-origin
*
content-length
43806
content-type
image/webp
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 0AF0 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7c93a283937306f044bd8317c516f3ff&pvId=7c93a283937306f044bd8317c516f3ff&sid=8535478&pid=119225&idx=0&wId=151&pad=1&org=0&tm=859&eT=3&cnsnt=no_consent&wRV=2000655&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 16:27:00 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
5cb917a3522296435058558e5b0b28e0
Content-Length
4
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2D47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=4207763707808341&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 53A9 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9TlIRA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 16:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F3A9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu42PzOpHTm4Kk0wkZ3bnxA1RjZbHNLJCg33FG95QN3ZS17tBG-Rv6zH-ncZE2YXyKrVgSsKzJHQX0cCowoYwCaJbyPNlmTZs19cQ9hiKbmo14SCyVk&sig=Cg0ArKJSzB433kUKZIf6EAE&id=lidar2&mcvt=1006&p=110,650,360,950&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3212919061&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648830419143&rpt=281&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 16:27:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0AF0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus9UpY6qA3lPHwOAiPYibUDW89yf2XCDooGMHXE2sQ8uCvqDDQp_yGha0oTZNEru8nCcretSLqBzU8EKO0xBMMl-2PX7GsDRiDA8YvClWtHFImZgIv&sig=Cg0ArKJSzMxCFCTJcsynEAE&id=lidar2&mcvt=1000&p=886,650,1136,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1564947952&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648830419443&rpt=247&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 16:27:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=4207763707808341&bg=!T0ylTAjNAAZku-1yRLs7ACkAdvg8WktI8YwqyvkY-ToYWanmU2CEcWPBygiQrQcRttjuwFCwpsYFhAIAAABqUgAAAAJoAQeZAx0QW5pPB9Ll6a9ZOYk1QnTsjkrBXBliB42pt4EDbCNGhB8SAchSD0Vs4Dtqoxu038tleQRGby0Aunik_0SPbvVfEy9P-aU7uRBAGly7QToz5ZWIap9sRnyazyX7TbEqiG-wSf3K5C6Xhl6AGO7gZUiTI18f-01Z5KnNbuLBGTMp0yoWfKS4t489oMzVvZWP_uaKwk0uYlUAfWl2f_n-0Zk4imldlj53etCCqFVOSqJf1uXUeXocUmMx_ZuqU_TUBT_4Dov_xPbviO5bm7wxdAo_SWpeBZu5LbM1tVxl3granvWJsoCQDntffjl8zWSeXexEcSsO0w6He1kO02NRrK8oKbTsf6G9WZcCd-e1HoFWWEu4mO9Q3IkHems5vhKJ7sXb2dkacdde1vixQv4qkkN87piNkMK5lSwuMbr-u9Txnm_8kwr6oILZBFKBxuc0KmYdytVvt7MzZ5HxK-Lu1uRnTE67k4AIIQHz8tEy08pNYbpYVZGnQ6YB4Xo1NyUN34MtOQNC1w2B8ruSqT1TJO8pGJmDEM9nRlbn3ZvPOH7ksBmi97fu1YImCT7gtzS4ZU5sr0o4_w5M7DfWVqW1Nd8NbrcVQtrDdeKYVySumOy9DJqi5lUoLcbPPJYB3Y1TEcRQ2B30_dbtepq8hg2Q2OCrrSq6krP-O1M80QuATPNZgjy9JpuDnRxL2yRqaE92Kieea53xB7RQ_GRaeNzSeFrEScrmzrCaHiJL4tCiRrreci9n-n85h9I0AEtSpHbmQZ-vR4GMvZmWIEo24EtfyMD1LXCQJSWb3Mt58kyvWTNuQkEAnV5Z04dm8rvFFDB5PiS6-1aJpHBsiLBtCUbGk5sdgh5OjE2xUbdyrEOz_gqFjPO4OOYXDqqF9Wb3EK7TWe5NhCjYuqJEAG1wpNOmfvc4tm7mtwbFtPCj8L8w5p0ni2abpgTiLIrt4FdF549KeIKxZMoEyFt4IWdR9xT28BLIruNt-QGF37xmnGdkxJU_AlQBVtp8tHlBZE3z78Arzlpv9NCOYklxfqdRBWfdZ_I1icPhQLk8chvCeqxwBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 16:27:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F5F6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzt0X3iwO4eoup4kR0d7RKWCe_zPT_JZgUFRo1CV5Ee9RBeBacx_xxXRxOJWPlI7hG7-F1lPAxc1d23uIOZ_-ZVLudD9hlj2mjh2Elk_r2bGPwtxek&sig=Cg0ArKJSzCCNDMqrsCIGEAE&id=lidar2&mcvt=1000&p=433,640,483,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1242842709&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648830419935&rpt=227&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 16:27:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame F3A9 		4 B
325 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 16:27:02 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6e57167e61bc4246c07f1340e384f740
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame 0AF0 		4 B
325 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 16:27:02 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
7e7d1911de43271141b5693f4848c0ab
Content-Length
4
Expires
0

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| gptAdSlots object| googletag object| interstitialSlot undefined| staticSlot function| rdmode function| gtag object| dataLayer function| AlbaLoadLazy function| HqyLazyload function| AlbaLoadMorPostScroall object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

6 Cookies

Domain/Path Name / Value
.yalla-shoot.io/ Name: _ga
Value: GA1.2.1951056231.1648830419
.yalla-shoot.io/ Name: _gid
Value: GA1.2.1919040230.1648830419
.yalla-shoot.io/ Name: _gat_gtag_UA_107335079_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnpUEuiZblcLJpLB5ND6G2ky06FewawnVgI96_j0buLBFUyr_oiPDWEhXJnDJw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yalla-shoot.io/ Name: __gads
Value: ID=21ded5a17ac8b409-22a3c54c6ccd0016:T=1648830418:S=ALNI_MaRrd8eHfojRhZoV0OgX9RnveV35A

1 Console Messages

Source Level URL
Text
other warning URL: https://hd.yalla-shoot.io:2096/m/(Line 323)
Message:
<link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a249051f79c43e75e9da45e7d625bba.safeframe.googlesyndication.com
58a6a79cebcdbb6c4cf8e0a47406cd6c.safeframe.googlesyndication.com
63ad6a50a447d7911d2a445617f6ac4f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
fonts.googleapis.com
hd.yalla-shoot.io
images.outbrainimg.com
log.outbrainimg.com
mcdp-chidc2.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.186.98
151.101.114.132
23.35.229.181
2606:4700:3033::6815:91
2a00:1450:4001:800::2004
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
64.74.236.95
69.192.161.85
70.42.32.127
024012c1535932b3154b53f4a73115c22d4be57aac99bf3ededea99ecf03dec7
03b67d7a407ab1993369f0bb65cfe61fd1a230af4337dd9e446f02f836aebaaa
055f76c38762394ad0189351b2761c69422e03226740cad88fd48ad097fb7191
081dee3ee9ad88eb47089388b97ec8beaf5c70123f7a8c0b078cff1564640337
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1eaf6cf2f3db9d900fe38f7d886ef6a83221337827c3876e5c8d44459a46af42
20e46457c8f8e5fd99bce265e0fbf3f08c729aa13c22d894a8dd21e570e77c13
235223ed91e5eaddb9f54750c0806b8af149f465c7609b2e18dece9a63b4aec9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a975f880ea9bba40ea13909e5d4eb1791854e9f9678d5706a983a4a9963f53
2c03affc649943e002ff0ba6ddd2b26aa9f213e856899084afd68d969f559b1c
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2db1a0f9843bc872b5e9c43c3df015f83283828be77ab58729e96c467724b243
2f9b319439bf0fb22c1ac201477b4aa9f7ce51c2277e1a9bbf691b8614a1449a
324b653b7625c836bcd1a510e27d070da459ec64ae7ec945a0b9c0d4479c830a
39c1b198e706308c036ff270903633b239d1ef042a3b9122e72394ea3be2cbd8
3c0ffcb17c8c731a8619af9290e6039af7372669aeb1f360ad02ccd21727ba87
40203c29241e168562c1d92e637f1adc66bdc4b0b0119bd68f000e689e456376
43c6e21064be258f594fb6cebe7721470437bb266d04b62c7ca34d3451831856
4a05d75c1de06333d1894566d0a5e8b6a0e26866bbcd31f8f4a81093ed673e71
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
5479b62d38679f3d4f4ce693c0b269a8ecd0fe1d0867093e8a5dcaf5df6e2a44
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570f313bd1609d2b152f4d6f2b8602eb513075e17f5d96357fc5158eacb72ac4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b5f77b6829048872afa3ce790d477656d3c2a5408dc11393665c04658ef6779
6b7c5ba2099cfba673e9252aacecf40d865af1e7d6657a006307f078abc778ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
712de98aea70fd50f8a5051da6c4dbcbe12fd921adac951f9a5b2c82e1a07038
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72f20c6b312535aefb2c9e052a92a0d944b8112ee1f3bdb4a8b06c3fa00f98b8
747ac0bf3a64cbec3bcb5b5b541d1eb6eecd9f530c7e546687a8991c481b8d09
772167e1655b23503c68cd1d9786defb6fae68b5f830bcb6d5b8caae274f3fe1
78332ab5d7e68e365c8e0244e190bef20a2945e2475fd281700f38e2422e8734
79adad5c64102a32870604cd897b9dcd6d438430e220df237f131690c60439e5
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
97db4c947e6df52d334c6723cf28fd3335e38f1b43a7ce447679d10731dc2a78
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a379c707a0c47d8baafd2e9827dacb1b26f2c325657ef16980752a4ba84ce16c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aed61b0c8eaed22994f3dc723bd17919790296cba98502639008acc8143b3542
b0c75caee5d21bd75b61c213c7ceffc41f0bd88567d67b89c73d978641622084
b1c32889347a252530ba3058de3b77eb6357daf06f558802d0c6cec14a2711d8
b4b49d4d31bafde40cecd2f1810924311d1c8e3809fbaaddc3a1578c3e18b34e
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beae98f422c458f41088c233ee00418c48fb96de401daabe9ee1c6b75df963b2
c1275b4ff6a2d1159eced4cbbeaa216af03ffa7af1da9cf3c9100509772c38cc
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c8024b2f32a2a9ff993ac927ca10873b82418de6ce5d2aa843b183bb5c2341b0
cc40ae071747cc744b33984bc4e327d818517e6808dd4c5e518af722447fac4a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39aa0aebdb1e2df2ad33e83bbcee42df99764d4bc50e31fc269cceb1eff973b
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209
da658b84eb4e66d946363d2deabe1bcebafd1e98656e6a99fe8c7eac7ab16143
ddbec82c60b193aec26dfa369ed71d311c4ce6c1450a48398802492780b9d2ce
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecd3dfe7ccaad48e96e258fcbd3e9958b9554d0fad5d244bb7415ad4d110b852
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3cd42ee43cad75a80a68212f6945c8ad7fb4dd4de5a27ebc0c36635531aa0f
f2c14df85a189fdc472aefd7442933d67835f3c02e33ab385149d2c6cd3c892c
fd020c53e1373b1e033b1243524450257e6416f0107a8d4ecb01ad10eaad57a8
ff7f0db59ffd38f5af0009ee79fc9d28a6a1a58b1fad8a596a121317c8ba61e1