shoot-yalla.to Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://shoot-yalla.to/
Submission: On May 22 via manual (May 22nd 2023, 8:02:01 pm UTC) from IN — Scanned from NL

Summary HTTP 199 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 33 domains to perform 199 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is shoot-yalla.to.

This is the only time shoot-yalla.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
11	13.32.99.102 13.32.99.102	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
16	104.21.87.59 104.21.87.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
6	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
9	143.204.215.128 143.204.215.128	16509 (AMAZON-02) (AMAZON-02)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	2600:9000:236... 2600:9000:236e:d400:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:401... 2a00:1450:4013:c16::78	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4009:d::a	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:725e:9f54:b469:50f2	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
199	46

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

shoot-yalla.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.32.99.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-102.fra60.r.cloudfront.net

mediation.magnetssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.21.87.59 (None, )

ASN13335 (CLOUDFLARENET, US)

web-api.scorarab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.215.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-128.fra53.r.cloudfront.net

www.boomplaygames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:d400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4013:c16::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:d::a (London, United Kingdom)

ASN15169 (GOOGLE, US)

rr5---sn-aigl6nz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:725e:9f54:b469:50f2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	553 KB
30	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 245 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	2 MB
16	scorarab.com web-api.scorarab.com — Cisco Umbrella Rank: 313034	118 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	216 KB
11	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 129387 adipolo.com — Cisco Umbrella Rank: 114963 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 148819	154 KB
11	magnetssp.com mediation.magnetssp.com — Cisco Umbrella Rank: 197073	18 KB
10	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	3 KB
9	boomplaygames.com www.boomplaygames.com — Cisco Umbrella Rank: 274485	467 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 437	135 KB
7	google.nl adservice.google.nl — Cisco Umbrella Rank: 15742	1 KB
6	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	2 MB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 723 ads.eu.criteo.com — Cisco Umbrella Rank: 8856 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837	14 KB
4	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 181	132 KB
4	shoot-yalla.to shoot-yalla.to	185 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 126189	17 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1255	503 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1769	1 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 729	399 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1351	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	125 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1546	296 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 722	760 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	584 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2889	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 686	463 B
1	googlevideo.com rr5---sn-aigl6nz7.googlevideo.com — Cisco Umbrella Rank: 45686	544 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 597	399 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	2 KB
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 26743	3 KB
1	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 583	652 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	605 B
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6866	5 KB
199	33

	Domain	Requested by
27	pagead2.googlesyndication.com	mediation.magnetssp.com pagead2.googlesyndication.com www.boomplaygames.com shoot-yalla.to googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
17	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
16	web-api.scorarab.com	shoot-yalla.to
12	securepubads.g.doubleclick.net	1 redirects shoot-yalla.to securepubads.g.doubleclick.net www.googletagservices.com
11	mediation.magnetssp.com	shoot-yalla.to mediation.magnetssp.com
9	www.boomplaygames.com	mediation.magnetssp.com www.boomplaygames.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	csi.gstatic.com	imasdk.googleapis.com www.gstatic.com
7	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	adservice.google.nl	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	static.criteo.net	acdn.adnxs.com static.criteo.net googleads.g.doubleclick.net
6	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
5	cm.g.doubleclick.net	1 redirects www.boomplaygames.com googleads.g.doubleclick.net
5	static.doubleclick.net	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	1 redirects shoot-yalla.to securepubads.g.doubleclick.net googleads.g.doubleclick.net
4	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
4	shoot-yalla.to	shoot-yalla.to
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	jscdn.greeter.me	shoot-yalla.to
2	gum.criteo.com	1 redirects static.criteo.net
2	sync.teads.tv	1 redirects www.boomplaygames.com
2	e.dlx.addthis.com	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	onetag-sys.com	acdn.adnxs.com
2	script.4dex.io	acdn.adnxs.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	shoot-yalla.to www.googletagmanager.com
1	mug.criteo.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rr5---sn-aigl6nz7.googlevideo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	imasdk.googleapis.com
1	bidder.criteo.com	acdn.adnxs.com
1	ap.lijit.com	acdn.adnxs.com
1	cdn.jsdelivr.net	acdn.adnxs.com
1	wrappers.geoedge.be	acdn.adnxs.com
1	acdn.adnxs.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	player.adtelligent.com	player.aplhb.adipolo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adipolo.com	shoot-yalla.to
199	48

This site contains links to these domains. Also see Links.

Domain
signup.adipolo.com
lives.shoot-yalla.tv
yacine-tv.live
hesgoal-tv.io
live-kora.tv
yalla-shoots.to

Subject Issuer	Validity	Valid
*.shoot-yalla.to R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
greeter.me E1	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.magnetssp.com Amazon RSA 2048 M02	`2022-11-18` - `2023-12-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.scorarab.com GTS CA 1P5	`2023-03-30` - `2023-06-28`	3 months	crt.sh
adipolo.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2023-04-06` - `2023-07-05`	3 months	crt.sh
*.boomplaygames.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-06`	a year	crt.sh
player.adtelligent.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
cdn.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-01` - `2023-10-20`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-09` - `2023-07-18`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://shoot-yalla.to/
Frame ID: A3104C668BDF6288EB87BD312B94FAC6
Requests: 77 HTTP requests in this frame

Frame: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
Frame ID: 3D11E2CCD6DFC898B123D89CE32158C3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: E866B285027F7F5EFEC7280F65CB044F
Requests: 1 HTTP requests in this frame

Frame: https://www.boomplaygames.com/afgegg?at=1
Frame ID: AE4461EF03F2CED533BC87A450B36DB6
Requests: 26 HTTP requests in this frame

Frame: https://bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7128B75AFECB91712A379A6EDEFFB9D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=1573534164&lmt=1684785684&plat=1%3A16777280%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684785708389&bpp=5&bdt=760&idt=365&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5337067409502&frm=20&pv=2&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44792645%2C44789817&oid=2&pvsid=2975016614555088&tmod=1490340941&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=415
Frame ID: 1783F3728D30B0C780DA79E0DB176FA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684785684&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684785708493&bpp=4&bdt=864&idt=332&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5337067409502&frm=20&pv=1&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44792645%2C44789817&oid=2&pvsid=2975016614555088&tmod=1490340941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vJhimCQ57N&p=http%3A//shoot-yalla.to&dtd=344
Frame ID: A4259243105BDE602088209E59FE1847
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvB8LJMPEwbOZsoKOXzjwfYZzbb3p1CVF20dIQXsIoPCvtGqbByW5kgSwg5jEzaq0mNwt-YkPYHBSyrdfBAmvYZsJSv6Ocn-7que5l6dS7rHQVDXZGY_wqzgCLa_9g3BeQc4XrTOqvCsHtLkYoVbpgkAghpJgo3toEzIYLbO2fq0af9bWtVD1NW3z3zblJW0brBjUPQ1d2irQU0gUyR3NrH2aiR-Lt10ag96HEU0l5ymTRPopSAI0H0jXQ5gYTOSK1NIAlaLVbY0GxZ29u6UohDp8gIHVJuV33X1QHf7BadF9LPGQJS7gVgBmWzRcI8frZrlBfRQu3&sai=AMfl-YTIo5O_RrvydDMPXpecvACxqYEUMDs7DzyBa2tiEQqKTZg5kK78R6Bt7o-VPMtvegzCnyRs5bYYI4eLuyA5Hc2iqhoeRJv4ABns4eoAXn5qSGfmmzxkK127SDpgbaOeBLaa-L5snmF1RwtrMYY&sig=Cg0ArKJSzIopedd-KyirEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1161257FEC91B834EBB202ED98348AD6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755399&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684785708881&bpp=4&bdt=164&idt=214&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=332808532844&frm=24&ife=1&pv=2&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.my6xxe5zis86&fsb=1&dtd=239
Frame ID: CB62EC29F704E95481C0D373256E014E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9
Frame ID: AAE3F886515B728E9A720B894438A69E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378851&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684785709808&bpp=1&bdt=1091&idt=1&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.k5vuyrecm71f&fsb=1&dtd=3
Frame ID: 020D26413F987F9DF4A53D8EC3ACD0C5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: D3393BC9C433B9563B6D20A8F29E76D8
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Frame ID: 342BB21110ADDBE279F6615DA8EDE5F0
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: 295C428A01760DBA79D76EE90EDF1FD4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13D096AE30884B2F037E0CB02D5C3BD8
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shoot-yalla.to
Frame ID: CDA87B400167924016F8AD6F7ABAF7AC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC2CF8FC8F32352F5F87534F16E98A9F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 630300989A6E75706159909DA4CAC1BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 14A795BF5C86A95A0AF694F2D85F3B5C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 146B7D817FD06F36BEF17D3379873DFB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yalla Shoot LIVE - English

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

199
Requests

92 %
HTTPS

67 %
IPv6

33
Domains

48
Subdomains

46
IPs

7
Countries

7581 kB
Transfer

12414 kB
Size

26
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.adipolo.com/

Search URL Search Domain Scan URL

URL: https://lives.shoot-yalla.tv/%3E%20%20%20Yalla%20Shoot%3C/a%3E%3C/li%3E%20%3Cli%20%20class=

Search URL Search Domain Scan URL

URL: https://yacine-tv.live/
Title: ياسين تيفي Yacine TV

Search URL Search Domain Scan URL

URL: https://hesgoal-tv.io/
Title: Hesgoal

Search URL Search Domain Scan URL

URL: https://live-kora.tv/
Title: kora live - كورة لايف

Search URL Search Domain Scan URL

URL: https://yalla-shoots.to/
Title: Yalla Shoot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 33

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 106

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgkbzmdhDuBBibATIIddg7_rD0C-k HTTP 301
https://tpc.googlesyndication.com/simgad/5524161697449620939

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGFFDf53lmWyr6-L9Uo8B18&google_cver=1&google_push=ATf1kGPzm_mVc4NCz_lHh3GELx0ptY14vrRDzPaURhpFMrZl8cRvuGz230FX2HyrqbFDPPtzS4A4fpFaC46TRDb7vssRgARbgycse7VEFKJIbzyRpdbndV_JRMHNeTK4HR8GWpT9WDxpbyy06b2DIjii8IrRlMs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGFFDf53lmWyr6-L9Uo8B18&google_push=ATf1kGPzm_mVc4NCz_lHh3GELx0ptY14vrRDzPaURhpFMrZl8cRvuGz230FX2HyrqbFDPPtzS4A4fpFaC46TRDb7vssRgARbgycse7VEFKJIbzyRpdbndV_JRMHNeTK4HR8GWpT9WDxpbyy06b2DIjii8IrRlMs

Request Chain 161

https://um.simpli.fi/gp_match?google_gid=CAESEO6n5fH3RiFZZoCEm5PWbK8&google_cver=1&google_push=ATf1kGMoJPqm7EykMMPhsBrRl_nfQMAWRUoVip4ZG1Y17h82Ksp6NwF6DVpPWDEIiexIn5T5uArV4d271Ejs-xuLff3XVb0NNVDyfvipBUKxjIvlpCZ0AiuFlGAseiBtCYUlMoyQPpXJHTk7n-YEzQ_zVJMJyPU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC7491C0150F465FAC8CC6B7A8089B15&google_push=ATf1kGMoJPqm7EykMMPhsBrRl_nfQMAWRUoVip4ZG1Y17h82Ksp6NwF6DVpPWDEIiexIn5T5uArV4d271Ejs-xuLff3XVb0NNVDyfvipBUKxjIvlpCZ0AiuFlGAseiBtCYUlMoyQPpXJHTk7n-YEzQ_zVJMJyPU

Request Chain 162

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGNE4P8IwTBC2VvfBWi2etB87tv4ere8uu-EsSJb0w7niNEOixM86ce4uAXy5b0HdBvv5hJgNNyDBKsrKtmEsrGqryprewGXwJQhtMHrw8OuChvFxYQXttNkVWVBRTz6QuxHliUrqKONdPu3RZeR3q4Zpw&google_gid=CAESEDc71hIPicsq2HLYe0cFrGQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGNE4P8IwTBC2VvfBWi2etB87tv4ere8uu-EsSJb0w7niNEOixM86ce4uAXy5b0HdBvv5hJgNNyDBKsrKtmEsrGqryprewGXwJQhtMHrw8OuChvFxYQXttNkVWVBRTz6QuxHliUrqKONdPu3RZeR3q4Zpw&google_gid=CAESEDc71hIPicsq2HLYe0cFrGQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MjIyMDAxNTIwMDA2OTY0NzcyNDY4OQ%3D%3D&google_push=ATf1kGNE4P8IwTBC2VvfBWi2etB87tv4ere8uu-EsSJb0w7niNEOixM86ce4uAXy5b0HdBvv5hJgNNyDBKsrKtmEsrGqryprewGXwJQhtMHrw8OuChvFxYQXttNkVWVBRTz6QuxHliUrqKONdPu3RZeR3q4Zpw

Request Chain 164

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGsMUT4wuNv4X3fG3aSy_oc&google_cver=1&google_push=ATf1kGPb0Z3NEJcDbJ7Hm82opdKjRHQSdcET3RExiVFeRxQWMDxKVQOeMVDgdqKsYzPgyRrgaZhsL_MJJTk5AY7N2e2w64PtaREcDzuebdqsQZBdUFcw04hsjDOKV0cmF78MsbKrYDyiB5TpaCrcCihROi5v2Ik HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPb0Z3NEJcDbJ7Hm82opdKjRHQSdcET3RExiVFeRxQWMDxKVQOeMVDgdqKsYzPgyRrgaZhsL_MJJTk5AY7N2e2w64PtaREcDzuebdqsQZBdUFcw04hsjDOKV0cmF78MsbKrYDyiB5TpaCrcCihROi5v2Ik HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 177

https://gum.criteo.com/sid/json?origin=publishertag&domain=shoot-yalla.to&sn=ChromeSyncframe&so=0&topUrl=shoot-yalla.to&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=p9hwhnwxYzhEK0xQK1hWUTVaOUNiaklIYUxHeVZqdmR4ejM3UGppa1VKNmhMeXg0RXR6QXVYZXRXdjhVY05PeHYydTV5aUZVZ0xhay9ZWmtPZklZcXFHRnpTdnVWamx3L3h4Nk1yakVnc04xTUFxQnBBTTdVNXZ3THRBU1hhK0ZvRjI1Zm9MaGYxMTc4elNxRk1VZWJlakhDV2FNcmhlV1I4cmhPWnNvWlpGMEZ4QXRIeEExTjc5SDhud0dDQVVMamd6bWd4QytxWCtyNFE5bndFVmpuakxlZVlNU0grZXZhZUIvWDNEbHFpazBGanJGWm5vVVo5anlvZXpnbXk0Y0p0d2tVS2ZFdDFDNmYxdUgvK0pxVm1xdUFBdz09fA&cppv=2

199 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
shoot-yalla.to/ 100 KB
18 KB 126ms
68ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://shoot-yalla.to/

Protocol

HTTP/1.1

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64672af3b0d97c594185abedeb246c7b79164a879dcbae49f2facaf7486303c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7cb7a7304e421c73-FRA
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 May 2023 20:01:47 GMT
Expires: Mon, 22 May 2023 20:02:47 GMT
Last-modified: Mon, 22 May 2023 20:01:24 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: public
Referrer-Policy: strict-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skrqa6iLuJx2cVin57EFbQAmuBbhvMUsD4vWhEccCgIf%2FhAwTZQxnXwCBvuV%2F72oNlOCpLUFnWPA%2B6O6XEHmDTnqX1LxdQMxy6fzZX%2F89vlkGPFNYrLUebjsKQEESD7qUA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 standing.css
shoot-yalla.to/assets/css/ 8 KB
2 KB 138ms
63ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/css/standing.css?t=1684785684

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ad92bb2e47d63ce3250b038f2c017eacfb824a3dd8def98d2c4df41bdfa82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 25 Sep 2022 18:04:40 GMT
server: cloudflare
etag: W/"63309838-1f55"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfXL0msjc2xKFahXGcB0pqf3LayFQvmjIvZSMLDPr2St%2FnlCg6wmfN98GpjzGELbPf00uEfRdLkCCzo0QFDkVMnbqPzhEEKEiPF6ZIBqvbGJH2Jy179o0n%2BifXE%2BV0hKBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7cb7a73148b79b25-FRA
expires: Wed, 21 Jun 2023 20:01:47 GMT

GET
H2 200 shoot-yalla.tohead.js Show response
jscdn.greeter.me/ 8 KB
8 KB 122ms
19ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/shoot-yalla.tohead.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

714e12f6093f5ffbf0c50cfb2051c9c85b86e0bde08696b8d7763881da70dd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Apr 2023 10:33:58 GMT
x-amz-request-id: tx00000000000009230160f-00646bc38b-962143d0-fra1b
etag: "3263dc2933663b7a5fb0b0bf8d4b9327"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684785707.dop254.am5.t,1684785707.cds303.am5.hn,1684785707.cds219.am5.c
content-type: text/javascript
cache-control: max-age=1904
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8286

GET
H2 200 shoot-yalla.todynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 22ms
21ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/shoot-yalla.todynamic.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Apr 2023 10:33:57 GMT
x-amz-request-id: tx00000000000008f7d2ed3-00646bc38b-9655fbac-fra1b
etag: "c0b8448b11470e49820a20a657851cc2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684785707.dop254.am5.t,1684785707.cds303.am5.hn,1684785707.cds323.am5.c
content-type: text/javascript
cache-control: max-age=1904
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7961

GET
H2 200 A-letterbigger_Savir.png
jscdn.greeter.me/ 945 B
1 KB 24ms
23ms Image
image/png 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jscdn.greeter.me/A-letterbigger_Savir.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id: tx00000000000008f77dd5f-00646bc163-97671145-fra1b
etag: "f07519ec5fbc46385f386b577e6e2a1d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1684785707.dop254.am5.t,1684785707.cds303.am5.hn,1684785707.cds320.am5.c
content-type: image/png
cache-control: max-age=1352
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 945

GET
H2 200 logo.png
shoot-yalla.to/assets/images/ 161 KB
162 KB 37ms
36ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shoot-yalla.to/assets/images/logo.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817504c104c8071a04f168dcc245705cb9641f44d97b2692ae5abe5e011c02e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1589423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 165227
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 25 Sep 2022 11:00:01 GMT
server: cloudflare
etag: "633034b1-2856b"
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8oUPPeIbL1cGOkUA%2BvXZHkidRR27bU20ZH0iIh7TeYo7RA4kbnuI3RmPfjNS2WU5z3H8YOQfW1y3he%2B8%2FGwDy2gsIVCcLcEVI0JvUP3fgIztRjCPraayPEsFNnc4rMCog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a73209ec9b25-FRA
expires: Sat, 03 Jun 2023 10:31:24 GMT

GET
H2 200 magnetsspads.min.js Show response
mediation.magnetssp.com/bpads/js/ 11 KB
4 KB 148ms
51ms Script
application/javascript 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad

Request headers

Referer: http://shoot-yalla.to/
Origin: http://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:02:40 GMT
content-encoding: gzip
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: http://shoot-yalla.to
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: X_AV9ZZqT6FXnKBmQybSPxzOmESir--8ujp_Hgv2WJMAHBd1PtnPog==

GET
H2 200 lazyload.js Show response
shoot-yalla.to/assets/themes/yalla-shoot/js/ 7 KB
3 KB 34ms
33ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shoot-yalla.to/assets/themes/yalla-shoot/js/lazyload.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1588723
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 23 Jul 2022 01:24:16 GMT
server: cloudflare
etag: W/"62db4dc0-1c51"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GiVQXJIk0B9FWwgtW7chWYnT%2Bne6%2FC6McllA5gkACzqunOnyUMtAF7UuVs717tgnat4vj4HMVtLyIYfju16HGT9GbXGCzvw3ecbgiIFANA4iyaQaXO1WxNm4xzgPTyaPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7cb7a73189149b25-FRA
expires: Sat, 03 Jun 2023 10:43:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 149ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c3412f3f6fc8285795ada981ce5a07aaff8cdce61f916c65b423b86a2944381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 May 2023 20:01:47 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET Montserrat-SemiBold.ttf
shoot-yalla.to/assets/fonts/ 0
0

GET
H2 200 1557093197.png
web-api.scorarab.com/uploads/team/ 11 KB
12 KB 244ms
69ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557093197.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd6632a78536ac110f45dba520723c75f13dc78865cfa899331df5ab6c472df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 875505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11593
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-2d49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzv1EKY8MmOYEQRSouqv47FLup3YFz%2Fr5T7I7REK1i%2B5MPfDZvCvT9V28p8leNsARZumrsKfsSj1VL%2F3LLYR6%2BM1IYoNe1AxgsMAd7oD4piItBX1M6BA6ZoYaLtmwgYLU4W5LDi6mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed812bce-FRA
expires: Sun, 11 Jun 2023 16:50:03 GMT

GET
H2 200 1556955966.png
web-api.scorarab.com/uploads/team/ 11 KB
11 KB 247ms
73ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556955966.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee327743ca88bb95d1de12d383f6834f568fba609a87144d769a2fcabdf7f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10777
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-2a19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89dNaCLfauNuUJrAqaalreYCO0Toc%2BEItF1ZPDz%2B2MmSMJaBbbv84Z78WgF0QQGCtfT0igEUgt5cvyNgDG24f80PuHig17oqCvtOXrvT3p7q5spuHZi628GvKnDEnls3lblBo5Of3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed842bce-FRA
expires: Fri, 16 Jun 2023 19:12:26 GMT

GET
H2 200 1559434130.png
web-api.scorarab.com/uploads/team/ 2 KB
2 KB 244ms
70ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1559434130.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36c0d3594606f5e6ef9f485a89ee1dfe62396656e957b75841aeb79fa131fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1786
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-6fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3F%2BgxyZjQt0GMx1L1Y9MMRsS2RenE2798WBB9JXCAClW3djI8qIA%2B%2FVhYE20bwt0bJcHhAhqNqDbP3t8NWSYWBsHbx%2FV9G48zo1U1uOD9hy4ihseP0%2B5anxf%2BWM%2FPd5I9S%2F0tmWKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed8e2bce-FRA
expires: Wed, 21 Jun 2023 06:33:57 GMT

GET
H2 200 1670707210.png
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 247ms
73ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1670707210.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9edad92940f52592a6b456ecf43426fca9534e506b030224556529a95e7359f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48208
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4000
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 21:20:10 GMT
server: cloudflare
etag: "6394f80a-fa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNZWdjUfJWtZWQpyFh8xCdBYq4rODMNFEMtrVMqKLUa%2BB1WG%2BmE%2FMSQcUC7k91pPpTkhmjuQfj9wj1%2FUaJJyT9JwFq7iGXLAA%2BQAS%2BD3L8ZBd%2Fh%2FZRkDvubVJafDYo8Wurb5RabhtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed922bce-FRA
expires: Wed, 21 Jun 2023 06:38:20 GMT

GET
H2 200 1605609771.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 246ms
72ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1605609771.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c59b6ad634524c6d65a370db5738744a394f46edec429d01f9e0675f1fc723b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198455
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2686
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-a7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP0YUQfZoLkCKv4uHPqeC0%2BJcn%2FIaOLByeISZhtAQ51ZJZjfRmbnsvPEz3NX1TmTFlrr5ZL%2FcJ8z6XGhJYL4sHUIAsWVZQlk5Ac8JL5KRHTUJ2n%2Fbk4McjTJreNZD1Lzn7WnwEXDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed8d2bce-FRA
expires: Mon, 19 Jun 2023 12:54:13 GMT

GET
H2 200 1670707143.png
web-api.scorarab.com/uploads/team/ 5 KB
6 KB 242ms
70ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1670707143.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a81374af84c6654bbe81b18f8b6ae362bd108d74a1d875ca505f1ab0685dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90525
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5489
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 21:19:03 GMT
server: cloudflare
etag: "6394f7c7-1571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CAVv53MCs8vLo5fAHvfnqBmPJUdzwSCepFJug6aQl0aC9IezDcUi%2F9IXHl23XjfY6X6y9YLQ0PTrYxY1uOxZOyiD3cihNlj6NYeUdusRTCQ4Sahqgx6Czj%2F7n8sVvNYt9H4qXMgQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed902bce-FRA
expires: Tue, 20 Jun 2023 18:53:03 GMT

GET
H2 200 1557008685.png
web-api.scorarab.com/uploads/team/ 9 KB
9 KB 147ms
34ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557008685.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd57ce402a088738dd0297e29f81b5a5d2f76255dd632e2f9e0eb010161e2ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261389
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8721
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-2211"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQZXBQPmnuJovWOoblwEWt%2FpLXheQd4Xu9mMwPdgJu%2FRzOOrVt1SL6j3Jq6RHDvRvXfTrNkO2FF7JaPNKIZ5PCrMk6RHDjV0jQq%2Fg9n%2FhdoqulKomSXdYCl6UyZ44jHOXW2YfWnUfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733dd722bce-FRA
expires: Sun, 18 Jun 2023 19:25:19 GMT

GET
H2 200 1667380586.png
web-api.scorarab.com/uploads/team/ 37 KB
37 KB 148ms
36ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1667380586.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159ad304f4605d9228753ad23f4166bdb139f111aed165b53060d662abc6ee73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37962
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Nov 2022 09:16:26 GMT
server: cloudflare
etag: "6362356a-944a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3nesyY3jdspKIbUmPDbKtiUYjEacWZ%2BVfaKEdqvqhs7YwZk6JWOGZcbvHzxdPXk60voKIlg3XJKVbT61fEiL%2FZ%2BkHnzmBnLiRol0skOl3OaGUT9niKcE64gUy0zNJTWF3ZVEtU7vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733dd762bce-FRA
expires: Wed, 21 Jun 2023 06:42:53 GMT

GET
H2 200 1556907695.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 184ms
71ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1556907695.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e106d048b80f677650e1a74fd03b1be6296b33a133b6f72cbcd329e3cb651bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 859907
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2927
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-b6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVwjpFFSeXycuPEl6p7vjN61z7GuqEFk8XPfVsRm6fsAMIBrDZXNhqjDGiGmH%2BGgkyDaUfPWTsv9WAsPGTxyEvil9sARRFoJJ%2Fud5VqfXrtrAyBUcQsshwG5AAvGnHumN6n8Hec%2FoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733dd702bce-FRA
expires: Sun, 11 Jun 2023 21:10:01 GMT

GET
H2 200 1558905302.png
web-api.scorarab.com/uploads/team/ 5 KB
6 KB 148ms
35ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1558905302.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5dd633c997d867a35548d0121d221857f59ed6cf944303ea65ec75847b66207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5598
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-15de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pycPiVVkQ0edXrbwLKgsjubIovXggTqNcR6ixVzEd06wX4NGPGu%2F7lJsBPhhadFBco8jQL44ecGD3gSJZGLkm08UDh%2BmHGhorB07W8APhhy7WlO6pkN7NbkJccpxNld269CUXq1GbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733dd682bce-FRA
expires: Wed, 21 Jun 2023 06:34:31 GMT

GET
H2 200 1559702437.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 186ms
73ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1559702437.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d0358b0640518c788f9186ee5f124d3a0bcdf1f12a429ec555183a0a0b474da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48234
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2732
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-aac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFfZVBHTpm4pWOvTu2zZKxN0iHjSoDC1nYRRdEqmGjiI4yzdOTYj4VSMi7vMlrrRDINIRGKxdFe%2B%2BqsB539nPO%2Fn55aVyUFHyJdzpL4qAkSE2aTi9%2Fp7L6yNdV7HGzFdVt5NGxvfbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733dd5d2bce-FRA
expires: Wed, 21 Jun 2023 06:37:54 GMT

GET
H2 200 1560461855.png
web-api.scorarab.com/uploads/team/ 4 KB
5 KB 185ms
71ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1560461855.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f472e6b83562a57596cbd4133dfef6345b81a4a3e63a4ce7f97d197957186d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48234
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4471
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1177"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ForJ53G71wWbnumodtBmiXtFkT04%2FvGf0G23mPPfoiekcOyvMtDYY%2FWv6LCR9k2clUYQJswLnJVSmYSLnWnVxDU4u%2BtXiWM7nH0C%2FPHn3VJLoRxowNP0UkTMEBjLvlTtno8mmLZaVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed962bce-FRA
expires: Wed, 21 Jun 2023 06:37:54 GMT

GET
H2 200 1663979135.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 186ms
71ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1663979135.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147f0ee841b9402355af6f0b74053f9da6aeaf5a6dec2791372b3b49f7dd3531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2691
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Sep 2022 00:25:35 GMT
server: cloudflare
etag: "632e4e7f-a83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJxJFD60PhiUlZ%2Fog5XJUhtkuaCyGf0FWQ8luhn%2FcHqGAf5z%2BJvqaHE%2FO3EmPTJUeh8Q8kjOAtoWeSsWIPNNEyNrv5WL%2B0c2z%2FaJmPJ87D6Iw%2FiYbzOC1flfp5MN5iWLHMvqgB%2BFpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed982bce-FRA
expires: Wed, 21 Jun 2023 06:37:55 GMT

GET
H2 200 1560334717.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 182ms
69ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1560334717.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad4e637fbbb6d5918434b4e504cf410b60cac14bdeaf4b31a4f9032145ad03e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3112
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kq7CnlV2jZWc4NgsaJN5JhBHIUfpgTKlLGvZTN1MDCVyPZsIMVbdb2APsi3vaa6AdSWGLGhAMaRfjxV6VU5DGewgB1sRy4Y3huMS8AY3PA2rQvfWB4C5mIhXh%2B%2FObg56ormbsqi18Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733dd632bce-FRA
expires: Wed, 21 Jun 2023 06:37:55 GMT

GET
H2 200 1629618386.jpg
web-api.scorarab.com/uploads/team/ 4 KB
4 KB 185ms
72ms Image
image/jpeg 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1629618386.jpg

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453f46dd7ff4e08b5d7261f6c97fb61e7a24d52de78ee8a582423ecdf1534f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1125645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3956
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-f74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ou41R%2Ffc%2FY9ssh4OmGaYE1Lo%2Be%2FseKrKQwXJW%2F%2BIaON67h1M%2FntQN%2FTFuKCVuAD6ZGBxuRJZQBVz6bvWVj1x91100GSCVLjrBKasJ8E2NEUQD8qyEGZ6qzQ3G4EzycoXllnI7UBDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed932bce-FRA
expires: Thu, 08 Jun 2023 19:21:03 GMT

GET
H2 200 1557010107.png
web-api.scorarab.com/uploads/team/ 6 KB
6 KB 186ms
72ms Image
image/png 104.21.87.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557010107.png

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3283c09f88e990e40d307629c7ac10940ce484e7a755bcb4b6a5f442e74d5ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1737719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5926
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1726"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k76999cpc9Mq1EPIxdiPB8iEz0Vlextyc%2F%2FZKthOByWUrV5jl0t48xcM2OaNkJ85ufqCK4%2F8R8qaXEtnelNn5SluAKs6%2BrEgDz20cwOoHWGGRDXUwGzenEf%2FSmPeBvXOZ3J2NC9z0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7cb7a733ed952bce-FRA
expires: Thu, 01 Jun 2023 17:19:49 GMT

GET
H/1.1 200
OK hb_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/467996/ 922 B
925 B 157ms
14ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/467996/hb_744327_17687.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js
Protocol: HTTP/1.1
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: db9725a00f53ca2f3a4140f8cfda2bf9e4dfb7118d1dcf68306fb778469ed729

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 19:28:20 GMT
Server: nginx
ETag: W/"646bc254-39a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Mon, 22 May 2023 21:01:48 GMT

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

76 KB
25 KB

170ms
90ms

Script
text/javascript

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eab61228b8c345ce533b8e078ee4cdd19702abbfa8d1bb9c165913fac7cf3464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25336
x-xss-protection: 0
server: cafe
etag: 319 / 19499 / 31074750 / config-hash: 8319726746282660736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:48 GMT

Redirect headers

Date: Mon, 22 May 2023 20:01:48 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 22 May 2023 20:01:48 GMT

GET
H/1.1 200
OK wrapper_hb_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/467996/ 2 KB
1 KB 143ms
20ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/467996/wrapper_hb_744327_17687.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.tohead.js
Protocol: HTTP/1.1
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8e3e1e67aa1898a175da2612f00ee342a817599a4030b6a881c4724d4b0b1ffe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 19:28:20 GMT
Server: nginx
ETag: W/"646bc254-7e0"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Mon, 22 May 2023 21:01:48 GMT

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

76 KB
25 KB

189ms
91ms

Script
text/javascript

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a29aabb0d268f669a100b65e8ac6ff19345636dd564423c7f1524019c1257032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25336
x-xss-protection: 0
server: cafe
etag: 130 / 19499 / 31074710 / config-hash: 8319726746282660736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:48 GMT

Redirect headers

Date: Mon, 22 May 2023 20:01:48 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 22 May 2023 20:01:48 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 152ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7543885
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QJIEXLGaejNyiKkuC2qBnc%2FK7%2F2l%2B0qYDM39C3s0J3pYS9vxI7YfzrSpF7BuumOD4eYAA5KMdFVOTxNadKUHvM272yjLQP%2FSqg6wDUhQF7C4DlWaXi1Pf6OgrP4RxDApVML%2BUMF1zjxZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb7a73459205c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7068

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 189ms
83ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e39175fec39bd1ba3aef3c7959bbd9fb3b5dc99e9430038f815a3184253b8a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Origin: http://shoot-yalla.to
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47579
x-xss-protection: 0
server: cafe
etag: 17850851134878796378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:48 GMT

GET
H2 200 page Show response
mediation.magnetssp.com/bpads/ Frame 3D11 2 KB
2 KB 105ms
51ms Document
text/html 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d4bc386fd405f6ed2c3228bc2b0701f50234519bfeb43417ef6e8bdd1cfac31c

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
content-encoding: gzip
content-language: nl-NL
content-type: text/html;charset=UTF-8
date: Mon, 22 May 2023 20:02:40 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-id: s4rD7HJQrmT5Z32FV4CdrYQvGFvgKRZtundZOgqCdf8zgqmvUtoGPg==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 109ms
54ms Image
image/jpeg 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d25000&request_id=E2CN5YFCC41BRw-GaQ72gaaeLKeuADSZ&client_ts=1684785708078&os=&lan=en-US&sdk_version=v1.0.0&page_url=shoot-yalla.to%2F&events=%5B%7B%22idf%22%3A%22C4FN1WCGE406Rv-fY4XQMPQViw0aNwS%22%2C%22gen_ts%22%3A1684785708078%2C%22evt_id%22%3A%22MAG_FIRST_OPEN%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22OPEN%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:02:40 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: UNTv8gMn00JCKgdhnYkqkZM27qyMBaj1PSPh59DPeWTnQ4Rcbw-zsw==

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 109ms
55ms Image
image/jpeg 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d25000&request_id=C3GJ4YHFG148Ux-NoYfSveHgoFU8HzW&client_ts=1684785708078&os=&lan=en-US&sdk_version=v1.0.0&page_url=shoot-yalla.to%2F&events=%5B%7B%22idf%22%3A%22G1GI1bCEF108St-9ZH5cx5xHzxr5rEhs%22%2C%22gen_ts%22%3A1684785708078%2C%22evt_id%22%3A%22MAG_SDK_START%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22START%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: shoot-yalla.to
URL: http://shoot-yalla.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:55 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: ZzSY0oqVgUVoSjoBEV-mGlmm2Ob6SwZQLthS3ujI8KK12snUwGvNHw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 75ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-42B0FRBVLM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c0cfdac5d0b00437a5c93b6b39504f10596df2c0b496454daed3d8ad34766b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 May 2023 20:01:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 110ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 18:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5169
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 22 May 2023 20:35:39 GMT

GET
H/1.1 200
OK hbp_master_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 348 KB
111 KB 17ms
16ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_744327_17687.js
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hb_744327_17687.js
Protocol: HTTP/1.1
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5784443c7ad0e64895f7a8b0f8da24eedd60a5b23488b9a735033326a5293b8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 May 2023 13:53:53 GMT
Server: nginx
ETag: W/"646a2271-56e5f"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Mon, 22 May 2023 21:01:48 GMT

GET
H/1.1 200
OK hbw_master_744327_17687.js Show response
player.aplhb.adipolo.com/prebidlink/467996/ 95 KB
32 KB 14ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/wrapper_hb_744327_17687.js
Protocol: HTTP/1.1
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58d40c4b17c6dfffa62b833355abe66f8b1f9843fc59f7c56eb29b388042c29e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 19:28:20 GMT
Server: nginx
ETag: W/"646bc254-17c3f"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Mon, 22 May 2023 21:01:48 GMT

GET
H2 200 page-XCXWEUPF.min.js Show response
mediation.magnetssp.com/dist/bpads/js/ Frame 3D11 14 KB
5 KB 54ms
53ms Script
application/javascript 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:02 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: x7C4NYWyhQnetn9X-lcAZLiOivnBMb6530gXE_PjgAS3VMow8Fd7VQ==

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 149 B
418 B 155ms
19ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 229abf9ca0004df4e17355f58df83e0f9e85a2419b4c737cc4ec9a4fa8e9cb7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:48 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: http://shoot-yalla.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 149

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
432 B 155ms
20ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=744327&site_id=17687&full_page_url=http%3A%2F%2Fshoot-yalla.to%2F&adid=z9wsgm.op&features=81952&vpbv=N147&tte=358&lifecycle_tte=828
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:48 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: http://shoot-yalla.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H2 200 mediation_configs Show response
mediation.magnetssp.com/json/ Frame 3D11 557 B
1 KB 58ms
54ms XHR
application/json 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_configs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: fa602dbac3c6503fbbb0f38c49a084f016960090e03b8c6e158c7f77a667198d

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: ROsXwbK5a0ki0M6o0th0SH-yAyyhu0ob_lbSucLYtiX5FvK0JEv8Ww==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 126ms
77ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=shoot-yalla.to

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

199ff21e524f3282c8a7aba47b4acbcfecb8ac2f4339a08b2e4488bc980ffb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 603283603021823053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame E866 10 KB
5 KB 81ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 76035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 22:54:33 GMT
etag: 15057649708203361565
expires: Sun, 04 Jun 2023 22:54:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 60ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-42B0FRBVLM&gtm=45je35h0&_p=1776331647&cid=368023858.1684785708&ul=en-us&sr=1600x1200&_s=1&sid=1684785708&sct=1&seg=0&dl=http%3A%2F%2Fshoot-yalla.to%2F&dt=Yalla%20Shoot%20LIVE%20-%20English&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-42B0FRBVLM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 3D11 35 B
602 B 55ms
40ms XHR
application/json 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 22 May 2023 20:01:56 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: Uu8v3ovQvcs6U6zR4IDE-MNoyrtFI5Cg_Rr5q7rEmHFROzeufc9fBg==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 3D11 35 B
602 B 54ms
40ms XHR
application/json 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 22 May 2023 20:02:40 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: YLQfH_p-qC18K0NdU6wMl7AAZJ6AplL7sJ83xUtw6gRDiIeq8DezNw==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/ 407 KB
126 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5446
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128505
x-xss-protection: 0
server: cafe
etag: 9552717522506389512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 21 May 2024 18:31:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
497 B 119ms
70ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d831e121563f442bb2f84909f710a0c9cc68a17ea5a9ab8abb31dec500e7dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
x-xss-protection: 0
expires: Mon, 22 May 2023 20:01:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 30ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1776331647&t=pageview&_s=1&dl=http%3A%2F%2Fshoot-yalla.to%2F&ul=en-us&de=UTF-8&dt=Yalla%20Shoot%20LIVE%20-%20English&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=483019929&gjid=786880648&cid=368023858.1684785708&tid=UA-153122498-1&_gid=1968571878.1684785708&_r=1&gtm=457e35h0&jsscut=1&z=803912962

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afgegg Show response
www.boomplaygames.com/ Frame AE44 4 KB
2 KB 131ms
60ms Document
text/html 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/afgegg?at=1
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d25000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-language: nl-NL
content-type: text/html;charset=UTF-8
date: Mon, 22 May 2023 20:01:48 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-id: -pHWDo73XEwBoFY7Fv_xjYmafg5QbRPMSbTEeSUjwgj9v6iz54ukVg==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 128ms
35ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=http%3A%2F%2Fshoot-yalla.to%2F
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_744327_17687.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3bd0eaf4dc1727aea18802b69673426487f6e4553eeaa5a50cf1215b42090a2e

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

expires: Wed, 24 May 2023 20:01:48 GMT
date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: gzip
last-modified: Sun, 21 May 2023 12:02:22 GMT
server: nginx
etag: W/"646a084e-2aa7"
content-type: application/json
access-control-allow-origin: http://shoot-yalla.to
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 141ms
32ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 138ms
34ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 344ms
344ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2975016614555088&correlator=1498676415841646&eid=31074723%2C31074750&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=3&adks=2936496661&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1684785708680&lmt=1684785684&dlt=1684785707628&idt=933&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c5bbb4b01e3acf32cec3fae2352e715e96a6f2cb4a2570e3052280e262264c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12139
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326746042
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 613 B
310 B 398ms
398ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2975016614555088&correlator=3396112798646487&eid=31074723%2C31074750&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=4&adks=3191345388&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1684785708698&lmt=1684785684&dlt=1684785707628&idt=933&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=1600x2515&msz=1600x0&fws=0&ohw=0&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dae943c311428fd611c619f9fdfbdcfe56ddbcb39b3b6d6c574ef087bbe8cf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7128 6 KB
3 KB 159ms
26ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:48 GMT
expires: Tue, 21 May 2024 20:01:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.min.css
www.boomplaygames.com/bp-game/egg/css/ Frame AE44 4 KB
2 KB 33ms
27ms Stylesheet
text/css 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/afgegg?at=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 09:48:46 GMT
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 36782
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: zakt-Y8-MwTipSSuvD0psk902er44w9Q7jcLn6mAxhsYTRyN6Dm1cQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AE44 136 KB
46 KB 75ms
69ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75941d373739e8177aafb48f4f4b84cab22d23eb703a9985a67e6c5cd59442a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Origin: https://www.boomplaygames.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47356
x-xss-protection: 0
server: cafe
etag: 642728076758683670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:48 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
605 B 99ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shoot-yalla.to&callback=_gfp_s_&client=ca-pub-7731356227310930

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=shoot-yalla.to

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35fd5ae45917a9f0c249b5e2d3c47ee9a6064f1fd6c7c3d6943da47ac5280b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=id-custom_banner&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1783 76 B
265 B 277ms
276ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=1573534164&lmt=1684785684&plat=1%3A16777280%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684785708389&bpp=5&bdt=760&idt=365&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5337067409502&frm=20&pv=2&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44792645%2C44789817&oid=2&pvsid=2975016614555088&tmod=1490340941&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=415

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:49 GMT
expires: Mon, 22 May 2023 20:01:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A425 122 KB
37 KB 601ms
598ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684785684&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684785708493&bpp=4&bdt=864&idt=332&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5337067409502&frm=20&pv=1&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44792645%2C44789817&oid=2&pvsid=2975016614555088&tmod=1490340941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vJhimCQ57N&p=http%3A//shoot-yalla.to&dtd=344

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87c4c66ea1a66e9f284edd8febb3578e5cedff9a71db44595f0947f57580b880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37764
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:49 GMT
expires: Mon, 22 May 2023 20:01:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 257 KB
258 KB 27ms
24ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/bg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:07:53 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 35635
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 263395
x-amz-cf-id: f8iZM5e9X28MZ58HLZtcXSD7U1TOdoDrfcA7rFC1CSIJ6MX-jUVMzw==

GET
H2 200 icon_egg_close.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 44 KB
44 KB 100ms
98ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_close.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 02:06:50 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 64498
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44659
x-amz-cf-id: RRdzWGYhzVMzr_Sn9jleON-E6HyxSlRmqtfitASZofDLGS8ylYHpew==

GET
H2 200 hand.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 26 KB
26 KB 105ms
103ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/hand.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:07:53 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 35635
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 26692
x-amz-cf-id: aJtTwOCf15u58KHjjG8DmojDDFy87fqBN5wnCn76YDax3LRxsqsfCQ==

GET
H2 200 icon_egg_head.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 18 KB
18 KB 108ms
106ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_head.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:07:53 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 35635
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18136
x-amz-cf-id: FC5FygY6D4_tFVsNMHImFc_I5eJ41l1gE0eTEGJi-f4fjMfZGFNJtg==

GET
H2 200 pic_light_1.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 58 KB
58 KB 109ms
107ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/pic_light_1.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:08:25 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 68003
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 59063
x-amz-cf-id: jGpDsIg_1TbovxlyNgvG0v2zIJyoEYNAjWyR__w-KfjhC25Zb2d1FQ==

GET
H2 200 iPhone.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 14 KB
14 KB 114ms
113ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/iPhone.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 02:06:50 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 64498
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14456
x-amz-cf-id: 3Lo2yQLQITqodHNxSEAHpZSTfOy_5As8cOU8NxOOz1OKyhbJol3jgw==

GET
H2 200 icon_open_egg.png
www.boomplaygames.com/bp-game/egg/img/ Frame AE44 44 KB
44 KB 115ms
113ms Image
image/png 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_open_egg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:07:54 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 02:56:00 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 35634
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44922
x-amz-cf-id: 41R8N9Nk98NuAKHui2PkBa6SxCLiNuQLuWgDm_fjIt27qp7rrK_x9Q==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame AE44 355 KB
120 KB 99ms
96ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=www.boomplaygames.com&bust=31074718

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0463eef2b344b299a040c046459ae80d5ec7a18e49ce049a7b5ab73cc175053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122654
x-xss-protection: 0
server: cafe
etag: 9008937261177308112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1161 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvB8LJMPEwbOZsoKOXzjwfYZzbb3p1CVF20dIQXsIoPCvtGqbByW5kgSwg5jEzaq0mNwt-YkPYHBSyrdfBAmvYZsJSv6Ocn-7que5l6dS7rHQVDXZGY_wqzgCLa_9g3BeQc4XrTOqvCsHtLkYoVbpgkAghpJgo3toEzIYLbO2fq0af9bWtVD1NW3z3zblJW0brBjUPQ1d2irQU0gUyR3NrH2aiR-Lt10ag96HEU0l5ymTRPopSAI0H0jXQ5gYTOSK1NIAlaLVbY0GxZ29u6UohDp8gIHVJuV33X1QHf7BadF9LPGQJS7gVgBmWzRcI8frZrlBfRQu3&sai=AMfl-YTIo5O_RrvydDMPXpecvACxqYEUMDs7DzyBa2tiEQqKTZg5kK78R6Bt7o-VPMtvegzCnyRs5bYYI4eLuyA5Hc2iqhoeRJv4ABns4eoAXn5qSGfmmzxkK127SDpgbaOeBLaa-L5snmF1RwtrMYY&sig=Cg0ArKJSzIopedd-KyirEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: shoot-yalla.to
URL: http://shoot-yalla.to/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 May 2023 20:01:49 GMT

GET
H/1.1 200
OK prebid.js Show response
acdn.adnxs.com/prebid/not-for-prod/ Frame 1161 2 MB
652 KB 44ms
14ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol: HTTP/1.1
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires: Wed, 19 Apr 2023 10:50:23 GMT
Date: Mon, 22 May 2023 20:01:49 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 30266
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 666704
X-Served-By: cache-lga21951-LGA, cache-ams21079-AMS
Last-Modified: Thu, 10 Feb 2022 18:43:39 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1684785709.116160,VS0,VE1
ETag: W/"62055cdb-23771c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 37470, 1

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1161 170 KB
53 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:49 GMT

GET
DATA 200
OK truncated
/ Frame 1161 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ebea2636a9ad64b3a38c2491fb59b38c07ef5399ee3a56a2e42ed72cc8d24a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame AE44 107 B
165 B 44ms
42ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame AE44 107 B
165 B 43ms
41ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB62 76 B
90 B 284ms
281ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755399&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=5&wgl=1&dt=1684785708881&bpp=4&bdt=164&idt=214&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=332808532844&frm=24&ife=1&pv=2&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.my6xxe5zis86&fsb=1&dtd=239

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:49 GMT
expires: Mon, 22 May 2023 20:01:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 87 KB
30 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

445f76faa641b41b0b6acc9a2406ee3a586056b77106e40f6f567d580ab40c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30670
x-xss-protection: 0
server: cafe
etag: 1984547433332075626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1161 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv52Gx1T5qWy5gXUvLdEKCrRiEYvUHsaCJxXpgt_cBtUNJi5R4Ayp6XyLNGdL63TEO_vdebx6uRjuvcf5OE_UF_PeDLfRIlS367UQk1DKWLLs0jfzCMYUeaqV63COTyGR00Tgnt1E-2sA7sFiEpQC1I8e-pOH_V9ByLk86S6XwkWdc9OmkZpwz0RMYRvDewM6e2MPac0ZAgduyEiPbSOWv_8IqvdiFAWy-oja19qAAA2rvCIHRwTR8uzbQLy2hX1BaQtpTPNXXTnX7SMygurVxKHI0C3CbgQuoj8co0NiD1qI4Np1v4crBORWontQun5ugPkH0TRiT-MQ&sai=AMfl-YSVa11zSW7r__L3iDqn5ZjEwz7Z6RjXHi9NwULpnkc5uU2tEg0KkbFzwUVSNh-3ER5f0_pv0FdNpEjEAowO5ArY6LZxQNlP8JOllKU6TGK5n8evEFbUuF4VRfsa9TDcz1E3-6LZcjLniScWZVM&sig=Cg0ArKJSzIZegqjSLnGsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 May 2023 20:01:49 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ Frame 1161 3 KB
3 KB 98ms
20ms XHR
text/html 2600:9000:236e:d400:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Mon, 22 May 2023 00:50:19 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 69091
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: 4ZFkxsBrM3sxBt5s_FWUaJKGU1VmQyVoMKmBIgMmB_bK-zAo0XYxOA==

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame 1161 14 KB
2 KB 101ms
48ms XHR
application/json 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

x-id: am3-up-gc88, fr5-hw-edge-gc17
date: Mon, 22 May 2023 20:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
age: 34144
x-jsd-version: 1.0.0
x-cache: HIT, HIT
x-cached-since: 2023-05-22T11:38:46+00:00, 2023-05-22T11:38:50+00:00
cross-origin-resource-policy: cross-origin
x-nginx: nginx-be, nginx-be
x-served-by: cache-fra-eddf8230021-FRA, cache-ams21045-AMS
x-jsd-version-type: version
server: nginx
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cache: HIT, HIT
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 1161 483 B
1021 B 93ms
28ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:49 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1034705
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqBIcie31oQQDSexFD%2B6SY2HuOvOI1%2BWeKbxtci6RB6z8Y8zKcYc9CwU%2FTBZbtJBCubOvUiEvw12LCESQywL6jzOYvw9h0Al5ujJfYnXtwRNRL1vc2huXuSS05E3jvkhv2toLYDwEIGYeFzO"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7cb7a73d8f6e913a-FRA

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 1161 23 B
399 B 65ms
16ms XHR
application/json 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.11.0
Requested by: Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2796a2f40b924e19ce69de411388af0f5a8c5e3319c8a102561e1721ada43256

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 22 May 2023 20:01:49 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://shoot-yalla.to
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1161 15 B
361 B 83ms
21ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: http://shoot-yalla.to
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1161 18 B
311 B 118ms
62ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.11.0&cb=64234769875

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://shoot-yalla.to
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 css
fonts.googleapis.com/ Frame A425 10 KB
1 KB 84ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684785684&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684785708493&bpp=4&bdt=864&idt=332&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5337067409502&frm=20&pv=1&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44792645%2C44789817&oid=2&pvsid=2975016614555088&tmod=1490340941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vJhimCQ57N&p=http%3A//shoot-yalla.to&dtd=344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d7666209fd78007af6f00e6183895d519ddfc041df9b609274ea6f35e8ea3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 18:36:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 20:01:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A425 2 KB
846 B 80ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame A425 22 KB
9 KB 73ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A425 3 KB
1 KB 61ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 22:18:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A425 19 KB
8 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 22:18:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A425 170 KB
53 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:49 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame A425 32 KB
14 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:30:39 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
224 B 20ms
19ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://shoot-yalla.to
Date: Mon, 22 May 2023 20:01:49 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A425 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz58yLMprZM-9NdTvtweD9bqQD6H71J9wkv-a-pgR9YL3j_Q2EAEgk5jgd2CRBKABuYbv5ALIAQmpAh5slzvzILI-qAMByAPLBKoEygFP0DcOpxLYZS9wGne9WiKa-1bueamFO8cLN4juljlOuVO5N5itz6G1puluM_wlnpiurbgZNUc98DsTfubrXlhazLBmjC7gOe_7Bp9ktF47egShB56MiWwJrQce4XZAyRKtL7Qa7n2Dj9nojvu6FC398Um8LnUkv-FDX--8qWunA02oIsf0_xOqJe6cP1deC23GCHBAAvEZVvgTx1HueabHFC_-zQ68jWZzgsuMyBGV8BZQ5OD6AYXh9uBlBVbV52AJKAR64SIdCt2lwAS1mPrgkASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH5Mq3gQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ154I0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03NzMxMzU2MjI3MzEwOTMwGAA&sigh=kKpE-l18-Wc&uach_m=[UACH]&cid=CAQSGwBygQiDu4Als1vqgsAQBVV6h8OE5_xSm8dyNhgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=3795871599&adk=2350421022&adf=4274489541&pi=t.ma~as.3795871599&w=1200&fwrn=4&fwrnh=100&lmt=1684785684&rafmt=1&format=1200x280&url=http%3A%2F%2Fshoot-yalla.to%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1684785708493&bpp=4&bdt=864&idt=332&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5337067409502&frm=20&pv=1&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44792645%2C44789817&oid=2&pvsid=2975016614555088&tmod=1490340941&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vJhimCQ57N&p=http%3A//shoot-yalla.to&dtd=344
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 May 2023 20:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame AE44 87 KB
30 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js?bust=31074718

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4bcf2d5f315b4934bb16863b7e7437756f49f5c2fc23b3389f48b8b562bc820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30670
x-xss-protection: 0
server: cafe
etag: 15659909499758010327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 May 2023 20:01:49 GMT

GET
H2 200 3860137358504274242_2974711758807017605.jpeg
static.doubleclick.net/dynamic/5/304274536/ Frame A425 317 KB
317 KB 103ms
46ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/304274536/3860137358504274242_2974711758807017605.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

462576cb2ab9372a628f97a39a182d80417a8cc2828b1a688f7f589dfb578b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:05:19 GMT
x-content-type-options: nosniff
age: 10590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324355
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 11:49:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 17:05:19 GMT

GET
H2 200 4973096060493663649_7994123908911944329.jpeg
static.doubleclick.net/dynamic/5/304274536/ Frame A425 194 KB
194 KB 135ms
78ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/304274536/4973096060493663649_7994123908911944329.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4656d3d34e083d40271527db9963f9a56e8c9b4b61950569e4ec1036a86c4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:20:15 GMT
x-content-type-options: nosniff
age: 34894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198865
x-xss-protection: 0
last-modified: Sat, 26 Jun 2021 04:43:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 10:20:15 GMT

GET
H2 200 7921182849993527705_12100449710235383864.jpeg
static.doubleclick.net/dynamic/5/304274536/ Frame A425 311 KB
312 KB 81ms
25ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/304274536/7921182849993527705_12100449710235383864.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec810a2045c3f657194655f344fa89849aebd4624e109d97ca9030bfc45642f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 03:30:11 GMT
x-content-type-options: nosniff
age: 577898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318335
x-xss-protection: 0
last-modified: Sat, 26 Jun 2021 02:58:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 03:30:11 GMT

GET
H2 200 8095065085935971089_2779031374269159767.jpeg
static.doubleclick.net/dynamic/5/304274536/ Frame A425 1 MB
1 MB 125ms
69ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/304274536/8095065085935971089_2779031374269159767.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d819bd2570eef973dec45477c309c259218ac2baafd76c4cf012fb616885e8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:30:02 GMT
x-content-type-options: nosniff
age: 23507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1059804
x-xss-protection: 0
last-modified: Sat, 26 Jun 2021 08:23:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 13:30:02 GMT

GET
H2 200 14226392150826470121_4479626092191911561.jpeg
static.doubleclick.net/dynamic/5/304274536/ Frame A425 53 KB
53 KB 116ms
60ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/304274536/14226392150826470121_4479626092191911561.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78cbd26fbe05d68060057ad82c4f5418b7896e5c3416adca793873bebb659fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:33:19 GMT
x-content-type-options: nosniff
age: 358110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54207
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 18:05:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 16:33:19 GMT

GET
H2

200

5524161697449620939
tpc.googlesyndication.com/simgad/ Frame A425
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgkbzmdhDuBBibATIIddg7_rD0C-k
https://tpc.googlesyndication.com/simgad/5524161697449620939

12 KB
12 KB

20ms
19ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5524161697449620939

Requested by

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b6857632e43a6f399172aa492ffa275749359fa28ce997f006c868bd268851e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 19:50:08 GMT
x-content-type-options: nosniff
age: 701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11842
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 14:37:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 May 2024 19:50:08 GMT

Redirect headers

date: Mon, 22 May 2023 11:50:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/5524161697449620939
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 11:50:16 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 1161 74 KB
23 KB 160ms
119ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 20:01:49 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWKRuxkrYpWjbcSqEXbntSuCx7FQqBzAdf%2FsXnyH9%2F4h7afB7GqcjTbw0RQtgy9n01Ig4tscEKHkSgAPQi%2BVLD3BCENh5%2FGFLE3la3e6nzHqwWSwnj%2BM987eCVkzqhaaR70ODEs3k2uYWQLA"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7cb7a73dfcc19219-FRA

GET
DATA 200
OK truncated
/ Frame A425 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183cf3c677a3f5c720eecd20963f52ccec2b6980c22a1122028bd0376faea0e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 3D11 35 B
603 B 51ms
50ms XHR
application/json 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 22 May 2023 20:01:57 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: 6WDrK6Zo5UmabyD6MHQVhGE9bLQkaX7IfUDP8Ft-hQ6twRtZmuP8nw==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 3D11 35 B
601 B 76ms
75ms XHR
application/json 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: Id57Fyu_n8mC_8GTshCKxdxxxzmgRvQMcZqjfI26iRImrnnTNlmrwQ==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame 3D11 35 B
602 B 76ms
76ms XHR
application/json 13.32.99.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-102.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d25000&slot=1c00790d4e69000&adsid=E3EI1YEGH05BSx-4D1e3&sdkVersion=v1.0.0&page_url=shoot-yalla.to%2F&w=1600&h=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 22 May 2023 20:02:42 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: j0u7Nms2lV6StLxWOsQS4Q8k98gbLKtBPdMsCsyMcmyyRfMlXN14ew==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE44 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&preloadAdBreaks=on&onReady=true&event=adcf_cl&client=ca-pub-7731356227310930&bow_v=r20230518&js_v=m202305160101&fetcher=adsense&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame A425 29 KB
30 KB 84ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 225429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:24:40 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A425 20 KB
20 KB 108ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 184867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 16:40:42 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame AE44 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AE44 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AAE3 61 KB
8 KB 692ms
691ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beb499db090a05d188f20b735a295e34a021e50df24548dcacba536a2dc3a18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 8121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 020D 94 KB
22 KB 440ms
437ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378851&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684785709808&bpp=1&bdt=1091&idt=1&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.k5vuyrecm71f&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d967064b3ed9a0e0bf921993317ebb3d8e94ca958e9555f34950f4cc14168d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 22865
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame AE44 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js?bust=31074718
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame D339 37 KB
14 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 18:49:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1161 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUR94L3ebOxXlxzm9CZptk299NubvzxiDdZJThaDLRJHk24RbA_UbedJxh_c-aCuM0R1uMdFAq87cIuvciYeSy1AnMozIvT9R-GIw-O8ljwgU7c_-D&sig=Cg0ArKJSzJcW8r2pg2QEEAE&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2936496661&rs=4&la=0&cr=0&vs=4&r=v&rst=1684785709068&rpt=157&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 1161 87 KB
28 KB 283ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: acdn.adnxs.com
URL: http://acdn.adnxs.com/prebid/not-for-prod/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 23 May 2023 20:01:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 020D 2 KB
666 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378851&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684785709808&bpp=1&bdt=1091&idt=1&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.k5vuyrecm71f&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 20:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 18:02:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 20:01:50 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 020D 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 17:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 17:35:55 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 020D 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e649b35544088098b1377693fd69e8ce8ab1fe3b34f67c45f020bfd14620f6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7159
x-xss-protection: 0
server: cafe
etag: 13098519130539972958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 21:13:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AAE3 2 KB
570 B 217ms
133ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 20:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 18:11:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 20:01:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame AAE3 20 KB
8 KB 110ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 00:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 00:00:55 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame AAE3 17 KB
7 KB 227ms
151ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e649b35544088098b1377693fd69e8ce8ab1fe3b34f67c45f020bfd14620f6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 08:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7159
x-xss-protection: 0
server: cafe
etag: 13098519130539972958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 08:49:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 342B 8 KB
750 B 157ms
126ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 20:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 18:34:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 20:01:51 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 342B 15 KB
3 KB 307ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 12:23:09 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 342B 371 KB
127 KB 308ms
23ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 12:23:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 342B 19 KB
8 KB 174ms
144ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:38:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 342B 0
0 312ms
27ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmr2pvyksb9EW9AXlqJZktqB_7KjiBm4btyaTvEvlcrEdBPcY43Udoq6HBiqFyMJLIgkp-Lg2ZYIboFcGjOAC7buIAnw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378851&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684785709808&bpp=1&bdt=1091&idt=1&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.k5vuyrecm71f&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A425 42 B
64 B 214ms
185ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0NFzkThLIC_IefPsug5_9269NztNz9DPYaROIj_QlZLqf26no_WyvSFsr5mpl0YuoZuEqyIUiwYcoIP8C6V_XvnvQEJ0mdx6SZeBz4HbuxRuI7Y2A91Ta5P72QKKvoFXeRvuNjw&sai=AMfl-YSXg5oALoPjNSDP6nNFReTTCo1x_0Q_s9pkJ_SeQDtf4bDGUFX0cNgiOA_lmeDeyKCnV3CmkRE210aV&sig=Cg0ArKJSzJcDPjicxj0SEAE&cid=CAQSGwBygQiDu4Als1vqgsAQBVV6h8OE5_xSm8dyNhgB&id=lidar2&mcvt=1018&p=0,0,280,1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2350421022&rs=2&la=1&cr=0&vs=4&r=v&rst=1684785708839&rpt=1097&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE44 0
20 B 201ms
181ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=2&src=1&stats=1&timing=1183&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230518&js_v=m202305160101&fetcher=adsense&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 1161 87 KB
28 KB 257ms
17ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 23 May 2023 20:01:51 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame AE44 0
0 149ms
64ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js?bust=31074718
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 295C 2 KB
570 B 91ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 20:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 19:01:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 20:01:51 GMT

GET
H2 200 rewarded_web_video_en.js Show response
www.gstatic.com/admanager/outstream/ Frame 295C 346 KB
118 KB 132ms
85ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

894b8a5ba082b76664658849b9201138ce24a44bf36ed16301fc4ff2090a3bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119902
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Mar 2023 21:18:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="drx-mobile-serving"
vary: Accept-Encoding
report-to: {"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE44 0
20 B 124ms
86ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=1&src=1&stats=1&timing=1423&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230518&js_v=m202305160101&fetcher=adsense&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE44 0
20 B 117ms
85ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=start&name=bp-game-afg-egg&frequency_cap=30&last_intr=1684785711220&event=adbr_cl&client=ca-pub-7731356227310930&bow_v=r20230518&js_v=m202305160101&fetcher=adsense&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAE3 15 KB
15 KB 56ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 323734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 02:06:17 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame AE44 0
0 66ms
63ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/slotcar_library_fy2021.js?bust=31074718
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 342B 0
54 B 89ms
30ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lhz9wuug&c=3596651920935&slotId=1798325960467.5&qqid=CPHajO7bif8CFQQLjAoduEEBrw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 342B 0
20 B 66ms
63ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C1CS4LcprZLGQOISWsAS4g4X4Csme0rFc1Z2R93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi03NzMxMzU2MjI3MzEwOTMwyAEFqQLZUjyvcR6yPqgDAcgDAqoEwAFP0KnQKhrDzlI5izc46ZiWOfMbwJtOuRIVdP66SxtBzoO3IJ-6UBGCTyCpSLsFMn8z3xvGium0AZc9xpOd2q_Cdn8njE-iuskN_rD3xU-DbE7OrhZe-RnrEJ4g1IRGOIalnKpyihMuJfervCpEx9AM9MTwyVKt0rqdsXbFKaweZdqOVPglrh9U8-YtJnkg4MUcKLHzldnxFBLSg392kE74gaWkM_2ttq7NR86JJ0ysYvzCKnvJynGl8zREXgd-q2SABpDnzPfliaWswAGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1684785711412&ai=C1CS4LcprZLGQOISWsAS4g4X4Csme0rFc1Z2R93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi03NzMxMzU2MjI3MzEwOTMwyAEFqQLZUjyvcR6yPqgDAcgDAqoEwAFP0KnQKhrDzlI5izc46ZiWOfMbwJtOuRIVdP66SxtBzoO3IJ-6UBGCTyCpSLsFMn8z3xvGium0AZc9xpOd2q_Cdn8njE-iuskN_rD3xU-DbE7OrhZe-RnrEJ4g1IRGOIalnKpyihMuJfervCpEx9AM9MTwyVKt0rqdsXbFKaweZdqOVPglrh9U8-YtJnkg4MUcKLHzldnxFBLSg392kE74gaWkM_2ttq7NR86JJ0ysYvzCKnvJynGl8zREXgd-q2SABpDnzPfliaWswAGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 342B 0
234 B 47ms
29ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lhz9wuuu&c=3596651920935&slotId=1798325960467.5&qqid=CPHajO7bif8CFQQLjAoduEEBrw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.19i&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast.php Show response
ads.eu.criteo.com/delivery/r/0.1/ Frame 342B 12 KB
7 KB 151ms
80ms XHR
text/xml 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZGvKLQAOCDEKjAsEAAFBuOuq64L2ti0CsJwEjQ&u=%7CYrvVnRqgxFGqnWUHIbvRFoMjE5ostYLurMRb8NKhlJk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5jSfwMInGQwVgkAr581akMSiH_fr7BMm_BzTo8qWaUW82kg8KaPIh8hPBXmfp3iCrop9IPoU2CV_VbYu7NhlRXKg5nMQ_CheXm7R3ItXwA8nSWmOLy6k_lmctymltHAUHFrIQLTxS7FzPdtHKVj02BZ7g1iigtaD3Bt0y2sETkx7RRiYJsSn3saGnizYFlQcvNlFINH_mo--sr4uT-V6QN-bNcBEPfe6MJABtS03D1j7IG0fQaH4LC72syniin0kyZ9WEcKJpvZRTNNG9xj28B0v8X7mMHeQ5mr0vPXWPd5JzrvpWfoZ_gpC38Z2yAKlkfmjgQU4wLjes8x8MVaKUg2HFogcXMveqglqIssz1atdHwAemwFg4P-h3ECMOV6rkAr0sW-BCE1DbJRz7onD4OUFhEnUtWvr3V9WlX8ti8a5tlQGwwyzmD-umx2ZGfj66OKspYyfQVwWJhvy3_8slJ3JIDUJYPpPceGlZmwR2UibyhtBRtnTkgyIrB8dvy1zrcvUAXZxuCAGHVwu6p-_fAU-BBM-NvAzOvObsPAX_9e31lAPNsiP-4lb5IZS_qD2umSbDAMH0f1__9q4Iy_8koQ&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1CS4LcprZLGQOISWsAS4g4X4Csme0rFc1Z2R93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi03NzMxMzU2MjI3MzEwOTMwyAEFqQLZUjyvcR6yPqgDAcgDAqoEwAFP0KnQKhrDzlI5izc46ZiWOfMbwJtOuRIVdP66SxtBzoO3IJ-6UBGCTyCpSLsFMn8z3xvGium0AZc9xpOd2q_Cdn8njE-iuskN_rD3xU-DbE7OrhZe-RnrEJ4g1IRGOIalnKpyihMuJfervCpEx9AM9MTwyVKt0rqdsXbFKaweZdqOVPglrh9U8-YtJnkg4MUcKLHzldnxFBLSg392kE74gaWkM_2ttq7NR86JJ0ysYvzCKnvJynGl8zREXgd-q2SABpDnzPfliaWswAGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G09ngiTR2mnvLkWCFzMbSbZ6kvQ%26client%3Dca-pub-7731356227310930%26adurl%3D

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6932df820961730c0ea5fb9bb454dfc9b46f6fda723c09fd481b9184fa7ddf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3160588
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 13D0 1 KB
643 B 46ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 32258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Tue, 23 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 295C 0
54 B 43ms
25ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lhz9wuwu&c=7375624412487&slotId=3687812206243.5&qqid=CKHwi-7bif8CFTgMdgYdrR8HtA&fb=rewarded_web-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rewarded_web
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 volume_off.png
www.gstatic.com/dfp/native/ Frame 295C 3 KB
3 KB 145ms
136ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:47:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 310476
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 May 2024 05:47:15 GMT

GET
H3 200 pause.png
www.gstatic.com/dfp/native/ Frame 295C 763 B
786 B 149ms
140ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/pause.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:20:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 182470
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 May 2024 17:20:41 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 295C 0
54 B 41ms
27ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lhz9wux3&c=7375624412487&slotId=3687812206243.5&qqid=CKHwi-7bif8CFTgMdgYdrR8HtA&fb=rewarded_web-lima&met.4=ls.lhz9wux4~arps.lhz9wux7&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=1&vhc=0&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 295C 15 KB
15 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 323734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 02:06:17 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 295C 42 B
64 B 86ms
85ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXndSLcprZOGlN7iY2OMPrb-coAuawJTpb8XJpquVEbCQHxABIJOY4HdgkQSgAbW7kuACyAEFqQJX6J1-dCKyPqgDAcgDAqoE0AFP0BPt2r8SrlCkXHoUhUAIfCTPTtMyLnu1rS3FB8r70fgqRjSCTK5Qgr4xxjhH7ohqkleVo5_CTZ6DhOmmOm0n9UR4YAn2k0NP9kZR-bHle-c66mlalx93aGxeY6fm295BRV55kjQA0UYJC-kWFO-kfWvbqaGljKkDI4xDCZH5FZG-pXmXJS0hI4eCyTMBOJ49RDX4UEnCFMGlN3z8ZJ2GbRODYFZ21XU2UnvbT_biXp9twtfBe-Mh8rGUoS20l6OuYUOSMvwKQuhL4yLM5xT0wATG4b-SoQSgBlOAB7z5tK8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqxCWslKrw4gvIvgAoBmAsByAsBuAwB2BMT0BUB-BYBgBcB&sigh=BtdjxrY3BNc&cid=CAQSKQBygQiD83qRnMvFwhwgw1adgSzG-skX4qQIYpgcWMMoZGwi1lkHPVIt&label=rewarded_ad_video_started_precaching

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-aigl6nz7.googlevideo.com/ Frame 295C 543 KB
544 KB 272ms
139ms Media
video/mp4 2a00:1450:4009:d::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-aigl6nz7.googlevideo.com/videoplayback?expire=1684814510&ei=LsprZLqjFsGTsfIPnsKL8A4&ip=2001:1af8:4020:a034:1000::14&id=f357a3fa665fe946&itag=18&source=youtube&requiressl=yes&mh=6C&mm=31&mn=sn-aigl6nz7&ms=au&mv=m&mvi=5&pl=42&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1680735311895457&mt=1684785421&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgLs2Bqt3a7MAXMDuEBM9K0wxhiXoNLamdfJjTW_NdsO8CIQDRU8VsCKHhnEe9hJjAgdGUloxHuzMgeVZ9xCGc8BeJzQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgfPrC09eUz1XpopuRppI4RhgTj6Ek6J5675UCzvg9sXICIELdvz_o_2T6oUGkU_nxrY1AKNGS6NOLNtENrQqnfuk1&cpn=bpTA8-VVD10XsK7P

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238078&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=10&dt=1684785709795&bpp=2&bdt=1078&idt=2&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=2.2ojyip6k9w4h&fsb=1&dtd=9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:d::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aa07d5a2d36db447685bd71c3487128373d0ccc06c8f37994d30d94ea1c6304b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 May 2023 20:01:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 Apr 2023 22:55:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-556072/556073
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 556073
Expires: Mon, 22 May 2023 20:01:51 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 342B 0
17 B 20ms
16ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lhz9wuw0&c=3596651920935&slotId=1798325960467.5&qqid=CPHajO7bif8CFQQLjAoduEEBrw&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 342B 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 May 2024 20:01:51 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 13D0 35 B
463 B 138ms
44ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGY_J-Z3nR83ZtMc98Mu970&google_cver=1&google_push=ATf1kGM3YXuNyXry8pwxg5014w-G224berM48XN_gX6ChKhl6OWruM3KdzL7rZWLLYeQrFnPoml-RBNsyUXCIqwpC6hQueuagQNs6AYrPwF7fKq150woOXvh58y3h9EEoT6trBRH5OWwu8qWz-kyKoQiFsGCyAs

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 13D0 0
104 B 142ms
48ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEODljX4veMpYxJ-fTj1dwsY&google_cver=1&google_push=ATf1kGPtnkhX_byxCFG9271CVhTk-1LsQJ1U-bMGMqXLWme4KxNFctuveqoqsD7p0ZdU6A8yLhYx84e5lInzDrGG1qg__1XlFc_fJ-lehTHee2JUWknTVpzobOqbgB_jiodxesJgsZYAfzTsIXUPYgcsAWXUfUI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378851&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684785709808&bpp=1&bdt=1091&idt=1&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.k5vuyrecm71f&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 13D0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGFFDf53lmWyr6-L9Uo8B18&google_push=ATf1kGPzm_mVc4NCz_lHh3GELx0ptY14vrRDzPaURhpFMrZl8cRvuGz230...

170 B
232 B

338ms
336ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGFFDf53lmWyr6-L9Uo8B18&google_push=ATf1kGPzm_mVc4NCz_lHh3GELx0ptY14vrRDzPaURhpFMrZl8cRvuGz230FX2HyrqbFDPPtzS4A4fpFaC46TRDb7vssRgARbgycse7VEFKJIbzyRpdbndV_JRMHNeTK4HR8GWpT9WDxpbyy06b2DIjii8IrRlMs

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21045-AMS
pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684785712.803510,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGFFDf53lmWyr6-L9Uo8B18&google_push=ATf1kGPzm_mVc4NCz_lHh3GELx0ptY14vrRDzPaURhpFMrZl8cRvuGz230FX2HyrqbFDPPtzS4A4fpFaC46TRDb7vssRgARbgycse7VEFKJIbzyRpdbndV_JRMHNeTK4HR8GWpT9WDxpbyy06b2DIjii8IrRlMs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 13D0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEO6n5fH3RiFZZoCEm5PWbK8&google_cver=1&google_push=ATf1kGMoJPqm7EykMMPhsBrRl_nfQMAWRUoVip4ZG1Y17h82Ksp6NwF6DVpPWDEIiexIn5T5uArV4d271Ejs-xuLff3XVb0NNVDyfv...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC7491C0150F465FAC8CC6B7A8089B15&google_push=ATf1kGMoJPqm7EykMMPhsBrRl_nfQMAWRUoVip4ZG1Y17h82Ksp6NwF6DVpPWDEIiexIn5T5uArV4d271Ejs-xu...

170 B
329 B

37ms
36ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC7491C0150F465FAC8CC6B7A8089B15&google_push=ATf1kGMoJPqm7EykMMPhsBrRl_nfQMAWRUoVip4ZG1Y17h82Ksp6NwF6DVpPWDEIiexIn5T5uArV4d271Ejs-xuLff3XVb0NNVDyfvipBUKxjIvlpCZ0AiuFlGAseiBtCYUlMoyQPpXJHTk7n-YEzQ_zVJMJyPU

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC7491C0150F465FAC8CC6B7A8089B15&google_push=ATf1kGMoJPqm7EykMMPhsBrRl_nfQMAWRUoVip4ZG1Y17h82Ksp6NwF6DVpPWDEIiexIn5T5uArV4d271Ejs-xuLff3XVb0NNVDyfvipBUKxjIvlpCZ0AiuFlGAseiBtCYUlMoyQPpXJHTk7n-YEzQ_zVJMJyPU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 21 May 2023 20:01:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13D0
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGNE4P8I...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGNE4P8I...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MjIyMDAxNTIwMDA2OTY0NzcyNDY4OQ%3D%3D&google_push=ATf1kGNE4P8IwTBC2VvfBWi2etB87tv4ere8uu-EsSJb0w7niNEOixM86ce4uAXy5b0HdB...

170 B
188 B

55ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MjIyMDAxNTIwMDA2OTY0NzcyNDY4OQ%3D%3D&google_push=ATf1kGNE4P8IwTBC2VvfBWi2etB87tv4ere8uu-EsSJb0w7niNEOixM86ce4uAXy5b0HdBvv5hJgNNyDBKsrKtmEsrGqryprewGXwJQhtMHrw8OuChvFxYQXttNkVWVBRTz6QuxHliUrqKONdPu3RZeR3q4Zpw

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MjIyMDAxNTIwMDA2OTY0NzcyNDY4OQ%3D%3D&google_push=ATf1kGNE4P8IwTBC2VvfBWi2etB87tv4ere8uu-EsSJb0w7niNEOixM86ce4uAXy5b0HdBvv5hJgNNyDBKsrKtmEsrGqryprewGXwJQhtMHrw8OuChvFxYQXttNkVWVBRTz6QuxHliUrqKONdPu3RZeR3q4Zpw
pragma: no-cache
date: Mon, 22 May 2023 20:01:52 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 22 May 2023 20:01:52 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 13D0 43 B
296 B 569ms
333ms Image
image/gif 2a05:d01c:1d8:8101:725e:9f54:b469:50f2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDTHYjiO-SAtvUHfXZut9Z4&google_cver=1&google_push=ATf1kGP-z_Ax34_13nO8-j9ffD_PKhNxkPaMYk7S3d1Y2K9S4PIgFGIa8a4XzTBeS2hUYmTtoxr14rN0RDQwu7zuXWQvi3fwAUmb7OBV2wMGyVImQ5yWwygrYy4m61rSHuk8eRI5dlAGTV0qXwBPzx4FbvT-1_E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378851&w=1600&vpmute=0&format=1600x1200&url=http%3A%2F%2Fshoot-yalla.to%2F&ea=0&pra=3&wgl=1&fa=11&dt=1684785709808&bpp=1&bdt=1091&idt=1&shv=r20230518&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=332808532844&frm=24&ife=1&pv=1&ga_vid=1940723311.1684785709&ga_sid=1684785709&ga_hid=1565686105&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074468%2C31074690%2C31074718%2C31074734%2C44788442%2C44789923%2C44769661&oid=2&pvsid=2492159269204999&tmod=897895170&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=3.k5vuyrecm71f&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:725e:9f54:b469:50f2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 13D0
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGsMUT4wuNv4X3fG3aSy_oc&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPb0Z3NEJcDbJ7Hm82opdKjRHQSdcET3RExiVFeRxQWMDxKVQOeMVDgdqKsYzPgyRrgaZhsL_MJJTk5AY7N2e2w64PtaREcDzuebdqsQZBdUFcw0...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

78ms
76ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Mon, 22 May 2023 20:01:51 GMT
pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 13D0 0
130 B 145ms
55ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-E1TLZ-QTz8y9XZQxXM579YirlH_-KG6pTaT7xYMzHikXfEHfsbz3Mqhn947JDJC81tpzmA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 206 cdb188a879244a5e8f9a12f3a0f0ccdd_1x1_fb___twt_video_1_eu_en.mp4
static.criteo.net/design/dt/44862/221222/ Frame 342B 47 KB
0 31ms
19ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/44862/221222/cdb188a879244a5e8f9a12f3a0f0ccdd_1x1_fb___twt_video_1_eu_en.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 22 Dec 2022 11:13:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a43bbd-1efceb"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-2030826/2030827
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2030827
expires: Thu, 16 May 2024 20:01:51 GMT

GET
H2 206 cdb188a879244a5e8f9a12f3a0f0ccdd_1x1_fb___twt_video_1_eu_en.mp4
static.criteo.net/design/dt/44862/221222/ Frame 342B 31 KB
32 KB 86ms
59ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/44862/221222/cdb188a879244a5e8f9a12f3a0f0ccdd_1x1_fb___twt_video_1_eu_en.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d5136f29160dfd66f25e9a02d0ba511505f4bb996567081afeb344777f54faf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=1998848-

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 22 Dec 2022 11:13:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a43bbd-1efceb"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 1998848-2030826/2030827
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 31979
expires: Thu, 16 May 2024 20:01:51 GMT

GET
H2 206 cdb188a879244a5e8f9a12f3a0f0ccdd_1x1_fb___twt_video_1_eu_en.mp4
static.criteo.net/design/dt/44862/221222/ Frame 342B 2 MB
2 MB 26ms
16ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/44862/221222/cdb188a879244a5e8f9a12f3a0f0ccdd_1x1_fb___twt_video_1_eu_en.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0150c9ef6f209a240aed37fd795bcd20352d8afad80f5e8270532804b7a49f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=32768-

Response headers

date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 22 Dec 2022 11:13:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a43bbd-1efceb"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-2030826/2030827
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 1998059
expires: Thu, 16 May 2024 20:01:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AE44 15 KB
11 KB 88ms
87ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c11508553ee7a01b778425131d54826715cc7e1988944c9d96506a90c111643f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11266
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
98ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b3fc5c90db757df58e72833ecc00a86ff7d23044333a4da762e624c5ab4f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11172
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CDA8 15 KB
6 KB 174ms
35ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shoot-yalla.to

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 456157
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 51ms
31ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
43ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
172 B 275ms
275ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2975016614555088&correlator=4455726100783422&eid=31074723%2C31074750&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=5&adks=2647148388&didk=3595745212&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie=ID%3D22c6cae82bb6de68%3AT%3D1684785708%3AS%3DALNI_MY5ZJPjSYNoe2aJWSEDaDEPyVb_NQ&gpic=UID%3D00000c1a0e6e7d96%3AT%3D1684785708%3ART%3D1684785708%3AS%3DALNI_Mam_SwHbLwCDMJjJxs4IKY3_ghE6Q&abxe=1&dt=1684785712248&lmt=1684785684&dlt=1684785707628&idt=933&adxs=436&adys=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=728&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhzSK0Ctkec5ibogiQb7QounU8DB-w5wZeHu1rUh-AfYleSrN_FeF5xo4mvvFThGSy8otpy8IUIIpxb8eR0XPV7Umgk5k31uUk&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e4ce8695085f6d664e36c5a00db5b7ffbd49aeb6bb4022053ae375d64aaa98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AE44 17 KB
6 KB 116ms
96ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 May 2023 20:01:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 119ms
99ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 May 2023 20:01:52 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CDA8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=shoot-yalla.to&sn=ChromeSyncframe&so=0&topUrl=shoot-yalla.to&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=p9hwhnwxYzhEK0xQK1hWUTVaOUNiaklIYUxHeVZqdmR4ejM3UGppa1VKNmhMeXg0RXR6QXVYZXRXdjhVY05PeHYydTV5aUZVZ0xhay9ZWmtPZklZcXFHRnpTdnVWamx3L3h4Nk1yakVnc04xTUFxQnBBTTdVNXZ3THRBU1...

455 B
657 B

116ms
26ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=p9hwhnwxYzhEK0xQK1hWUTVaOUNiaklIYUxHeVZqdmR4ejM3UGppa1VKNmhMeXg0RXR6QXVYZXRXdjhVY05PeHYydTV5aUZVZ0xhay9ZWmtPZklZcXFHRnpTdnVWamx3L3h4Nk1yakVnc04xTUFxQnBBTTdVNXZ3THRBU1hhK0ZvRjI1Zm9MaGYxMTc4elNxRk1VZWJlakhDV2FNcmhlV1I4cmhPWnNvWlpGMEZ4QXRIeEExTjc5SDhud0dDQVVMamd6bWd4QytxWCtyNFE5bndFVmpuakxlZVlNU0grZXZhZUIvWDNEbHFpazBGanJGWm5vVVo5anlvZXpnbXk0Y0p0d2tVS2ZFdDFDNmYxdUgvK0pxVm1xdUFBdz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a20c7bc67fd0a593ae6ca66c7ff52450cd97c93e321de8e5c433ea28f39857f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1635710
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=p9hwhnwxYzhEK0xQK1hWUTVaOUNiaklIYUxHeVZqdmR4ejM3UGppa1VKNmhMeXg0RXR6QXVYZXRXdjhVY05PeHYydTV5aUZVZ0xhay9ZWmtPZklZcXFHRnpTdnVWamx3L3h4Nk1yakVnc04xTUFxQnBBTTdVNXZ3THRBU1hhK0ZvRjI1Zm9MaGYxMTc4elNxRk1VZWJlakhDV2FNcmhlV1I4cmhPWnNvWlpGMEZ4QXRIeEExTjc5SDhud0dDQVVMamd6bWd4QytxWCtyNFE5bndFVmpuakxlZVlNU0grZXZhZUIvWDNEbHFpazBGanJGWm5vVVo5anlvZXpnbXk0Y0p0d2tVS2ZFdDFDNmYxdUgvK0pxVm1xdUFBdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 374410
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC2C 13 KB
5 KB 29ms
24ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 4313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 18:49:59 GMT
expires: Tue, 21 May 2024 18:49:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6303 783 B
738 B 49ms
43ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0fb9ea4d5f1c48dfaf659e76fb3dd37bc38b207e33acfbf044ac7da6b299fdb3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hw6id5-BKJIR1D0bFnILtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hw6id5-BKJIR1D0bFnILtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:52 GMT
expires: Mon, 22 May 2023 20:01:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 14A7 13 KB
5 KB 29ms
24ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 4313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 18:49:59 GMT
expires: Tue, 21 May 2024 18:49:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 146B 783 B
1001 B 35ms
33ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

293c19f5431c259adecd02087591215923d070522c3e1153e40b5e5849593bf4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k4-6UMwaqKynb8mwgLf6qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://shoot-yalla.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-k4-6UMwaqKynb8mwgLf6qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 20:01:52 GMT
expires: Mon, 22 May 2023 20:01:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 146B 0
0 99ms
96ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305170101&jk=2975016614555088&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame DC2C 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 18:49:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6303 0
0 92ms
92ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=2492159269204999&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 14A7 37 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 18:49:59 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 1161 0
38 B 24ms
23ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC2C 0
10 B 28ms
23ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fDQJnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 14A7 0
10 B 28ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BLtySw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 342B 0
17 B 26ms
22ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lhz9wv1h&c=3596651920935&slotId=1798325960467.5&qqid=CPHajO7bif8CFQQLjAoduEEBrw&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&met.4=arp_a_e.1fc&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 295C 0
17 B 18ms
17ms Ping
image/gif 2a00:1450:4013:c16::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=3~lhz9wuxg&c=7375624412487&slotId=3687812206243.5&qqid=CKHwi-7bif8CFTgMdgYdrR8HtA&fb=rewarded_web-lima&gqid=LcprZKTCMvnK1fAPpcKssAU&met.4=ghmsh_s.lhz9wuxh~arpf.lhz9wuxj&ghmsh_mi=18%2C&ghmsh_gvt=0&ams=1&vs=640x360&vc=avc1.42001E&mt=video%2Fmp4&vsrc=youtube&bit=18&cpn=bpTA8-VVD10XsK7P&msm=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c16::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 20:01:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
224 B 19ms
18ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://shoot-yalla.to
Date: Mon, 22 May 2023 20:01:53 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE44 0
0 61ms
61ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=2492159269204999&bg=!-_il-KzNAAZ8_aWmXP07ADkAdvg8Whd9rPAOwgk61r4FvDt8qzeC4sEjK7gbLHK5zLDPVFxADQM_FyEnzChzLVUCK58SlUn2GJcCAAABilIAAAAKaAEHCgCtZZBBDMn9kk5uXX97vgsBD-KR0bXfXZcfwfLhSazRY96FLDGTx2kSkkYx2hm9AlaJPGzTcl8iDt8gCDmnYJ_TMFy9VgJ5vXG1jyzlItcVYFxOXCokwLrh1RnpBJYmeb-GwDjEl4vJgnES3K6sCHnqsRDqk0bXDWHeyMuOxGTaEksbNhVuY2pP8ldRaBDwDU_A8hXXu9EZfdpY13e8tiq5KDeo7JV7t1HJGJGCYoaZArmdRePjYMZaZ8bB8iBoiNaeXvlzvG0GFEyWotVaby3nd69WGq3cuuXrkCG7seMeO8zbAWYRgcVhlnfNnxrdyl_AdS2dWbTdHZlqK0Guu4ztU6BfMjj4qtx9npPr6Fvu5iSULPROnJBpM2US3lLZqmqqGwAwc8Fkz6b24nzGhY2CsFh--Tx3fIOIqPYdg98VkUPqmvJv8u2Q5G_u6bBLHjLg-4BCdjq4VdJZkmaAbzASmGfeBS7MZnNIh5OMYMnT83e9Z0F1Gg_PQKZEDKG3SVdsCZCm5SKPF1OQ3_79PxLIz_YCwDuDgHkLnrYYkVQFA67k0w6qH_Kg04_6xz7IfpEs-0tz4npA7NC0b8htZYNRR8AP5T33uP0iv1cX-NJ0zM7OSg8stzrwCcNqLko00tTJiSqB3yUnXsB2Ai1i06tB1X02sq0O7lxtaf7K4AEL4SjL6avCP05vZYa5IVcGk8IlNxDyNklwNG_MK3ngTa1Yy1FWIYkUyJ7lTQHttMMinTInfZUz0biz-HTVpj52a7YhactEO4jOrDwEZOBKiG_czaH5IOaD6zeNlhg9DnXmr3-4YVMsA8H4UMAD4yg2hXg1QVpX-Y0yfuNVnbfEHg-tXPOgukjtokGFPN2MyFyH9BSTD5WF6QzNJMWvL3RgMvA8Tmz6Sh6jub63O64RxnS_Xp3M9EnsGmfBHVcvx1JfKciG3hRzE6demtzxNdHDOLikla1xwqTjDu4Xv6ZUM6Da4zcIGH8Gh1BADE1MHRjy1K1_P2Tl8MRcdMkJlRijfUPmV_zb-_RRc-lYhFqs5hc-IQpRXSEmj12dPqR7BUxqYsaQaWVKyFoNn53PhHFisDiIamKQ_z0UODtI20AzDm1YPFseTZrrWf3MUlN9HUYzPzQc1RfsSrRN3k4KsNdYRnApWZSQ7ARVkci-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 86ms
61ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305170101&jk=2975016614555088&bg=!9fal9qLNAAZ8_aWmXP07ADkAdvg8WrsmbWVdV-et0N5ULeNsqJgMO6yihIdyAhCJ9kxrsH60kzct26fTz9hjg9Lk-DUakZlIXtECAAABglIAAAAkaAEHCgAH4KWNh438i5kCpNADgWTcFwdcrlMLvZgalL2TdbcgPovmylkN1breujcDBfa_QNiBUuyIzFLDBsYyxi4NkRbyREa2YCj3APhEFq9los0k0YQYzXIyULYXmItrI72oCZlQOljcTqCG22vYcaru1ck08Jp79leqFswAg77fRM7gf87pzkMtsMtQg7HqGCzEK_xYY64EVORve1N4RpucfVfR2MqA8YHzS0f3vZaaFpucgJ0SgPBd3og25lZeax0OO29zxqmVZTE-0uT5RmQmjflcpHOWxNyySbcXJ2l8e-xOR2F8GUjWpFGJb3fgVEL43zBtGgOA_C_Zw8oxDB81wHaUnOpKJ4a8uWw4KrMSCJnP-loUogVyuhPQkZWAcm2jKZpBnSH94jLTBjW-CUVi_G6JAT1MDTDalqAGL0O7xARHSP3DhOUdYyFlZjY5Xe2N98gl9bR2gFm2l9Cz-JXSfJyxxvlINQKkOMTifVyb8lxrTM3IRNe4iZmmVbHqz2vIk8bQbBWQfFoo6Gnw8enuOotjHloBha4byDSrP5E_eOyza0FljpuLoRWkf4U8C8kwS0OB8QI83EtuAzKuaWO6_enX5yWVIGzIuDR8EqhASITXJvPaoyBxNcVGdv7Y7x2VtHeGJQN42L9Mb-mQ3RrvAS8tma9dJf1OxC38Pia9d2ZapXJ9cynG3Or5n1cKlWam9AIa1hmVlj1wb4ZKRLZ_3XWUpPVBexxxRq-ffBDoHijmV_FwUSsDLgk-iRxcP9yjYV_G7rY6fNT1yK049-qzYu7H8rRsAgD4bOt7JAFWeLB7JaUQ6secF2M-hLWiwp-cxN1Ik3Rqdm2HeQwO7eF7FJfhvGp9wzjNEtFyTohO3sk39pXHJriCI-KirUut3_fpE5fr5tqPAazya0fZIFcJJ0s
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
172 B 224ms
223ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2975016614555088&correlator=1240057950452002&eid=31074723%2C31074750&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=6&adks=3827555597&didk=3485300938&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie=ID%3D22c6cae82bb6de68%3AT%3D1684785708%3AS%3DALNI_MY5ZJPjSYNoe2aJWSEDaDEPyVb_NQ&gpic=UID%3D00000c1a0e6e7d96%3AT%3D1684785708%3ART%3D1684785708%3AS%3DALNI_Mam_SwHbLwCDMJjJxs4IKY3_ghE6Q&abxe=1&dt=1684785714068&lmt=1684785684&dlt=1684785707628&idt=933&adxs=436&adys=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=644&ohw=728&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhzSK0Ctkec5ibogiQb7QounU8DB-w5wZeHu1rUh-AfYleSrN_FeF5xo4mvvFThGSy8otpy8IUIIpxb8eR0XPV7Umgk5k31uUk%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0089bc3f82e6db19e61218f7f47a40bf9d22746b0d2bc594047ca32b9dc5f7d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
224 B 19ms
18ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://shoot-yalla.to
Date: Mon, 22 May 2023 20:01:54 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
172 B 180ms
180ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2975016614555088&correlator=388144556205209&eid=31074723%2C31074750&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=7&adks=2670871624&didk=361233126&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie=ID%3D22c6cae82bb6de68%3AT%3D1684785708%3AS%3DALNI_MY5ZJPjSYNoe2aJWSEDaDEPyVb_NQ&gpic=UID%3D00000c1a0e6e7d96%3AT%3D1684785708%3ART%3D1684785708%3AS%3DALNI_Mam_SwHbLwCDMJjJxs4IKY3_ghE6Q&abxe=1&dt=1684785716562&lmt=1684785684&dlt=1684785707628&idt=933&adxs=436&adys=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=644&ohw=728&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhzSK0Ctkec5ibogiQb7QounU8DB-w5wZeHu1rUh-AfYleSrN_FeF5xo4mvvFThGSy8otpy8IUIIpxb8eR0XPV7Umgk5k31uUk%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eefb2b18050aba5b4bd169788755481f71753983624b6d65c71af7aeec0a987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
224 B 19ms
18ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: http://player.aplhb.adipolo.com/prebidlink/467996/hbw_master_744327_17687.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://shoot-yalla.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://shoot-yalla.to
Date: Mon, 22 May 2023 20:01:57 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shoot-yalla.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
172 B 164ms
163ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2975016614555088&correlator=1826032779311543&eid=31074723%2C31074750&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=8&adks=3973941103&didk=2188031855&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=0&cookie=ID%3D22c6cae82bb6de68%3AT%3D1684785708%3AS%3DALNI_MY5ZJPjSYNoe2aJWSEDaDEPyVb_NQ&gpic=UID%3D00000c1a0e6e7d96%3AT%3D1684785708%3ART%3D1684785708%3AS%3DALNI_Mam_SwHbLwCDMJjJxs4IKY3_ghE6Q&abxe=1&dt=1684785720388&lmt=1684785684&dlt=1684785707628&idt=933&adxs=436&adys=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fshoot-yalla.to%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=644&ohw=728&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhzSK0Ctkec5ibogiQb7QounU8DB-w5wZeHu1rUh-AfYleSrN_FeF5xo4mvvFThGSy8otpy8IUIIpxb8eR0XPV7Umgk5k31uUk%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=368023858.1684785708&ga_sid=1684785709&ga_hid=1776331647&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a07c84c642bac1c208783390262aa3f5872611d6626bd06d6ce88a070bfa5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://shoot-yalla.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 20:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://shoot-yalla.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shoot-yalla.to
URL: https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shoot-yalla.to/	1970-01-20 21:35:45	Name: _ga_42B0FRBVLM Value: GS1.1.1684785708.1.0.1684785708.0.0.0
.shoot-yalla.to/	1970-01-20 21:35:45	Name: _ga Value: GA1.2.368023858.1684785708
.shoot-yalla.to/	1970-01-20 12:01:12	Name: _gid Value: GA1.2.1968571878.1684785708
.shoot-yalla.to/	1970-01-20 11:59:45	Name: _gat_gtag_UA_153122498_1 Value: 1
shoot-yalla.to/	1970-01-20 12:42:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.shoot-yalla.to/	1970-01-20 20:45:21	Name: _pubcid Value: bd7982e1-700e-4e6f-acc4-9cf91f974faf
.shoot-yalla.to/	1970-01-20 21:21:21	Name: __gads Value: ID=22c6cae82bb6de68:T=1684785708:S=ALNI_MY5ZJPjSYNoe2aJWSEDaDEPyVb_NQ
.shoot-yalla.to/	1970-01-20 21:21:21	Name: __gpi Value: UID=00000c1a0e6e7d96:T=1684785708:RT=1684785708:S=ALNI_Mam_SwHbLwCDMJjJxs4IKY3_ghE6Q
.doubleclick.net/	1970-01-20 21:21:21	Name: IDE Value: AHWqTUmq9-LGuJUmoyvp5UimZDCqbdZttI6hnWdGewiMTUDvXGGe9KJi4L4NrFFwApU
.doubleclick.net/	1970-01-20 11:59:46	Name: test_cookie Value: CheckForPermission
.simpli.fi/	1970-01-20 20:46:48	Name: suid Value: BC7491C0150F465FAC8CC6B7A8089B15
.quantserve.com/	1970-01-20 14:09:21	Name: d Value: EDcBCQGGKYEA
.quantserve.com/	1970-01-20 21:30:00	Name: mc Value: 646bca2f-c5515-d8843-0761b
.everesttech.net/	1970-01-20 20:45:21	Name: everest_g_v2 Value: g_surferid~ZGvKLwAMAXcXIwA9
.e.dlx.addthis.com/	1970-01-20 21:30:00	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:30:00	Name: na_id Value: 2023052220015200069647724689
.addthis.com/	1970-01-20 21:30:00	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:30:00	Name: uid Value: 646bca3036b73cce
.addthis.com/	1970-01-20 21:30:00	Name: ouid Value: 646bca300001fbbe59f487d0f231f400ee1ff257c20c96c203f8
.dlx.addthis.com/	1970-01-20 12:42:57	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 12:42:57	Name: na_sr Value: 20230522
.dlx.addthis.com/	1970-01-20 11:59:45	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 12:42:57	Name: na_sc_e Value: 0
.criteo.com/	1970-01-20 21:21:21	Name: uid Value: 20de5813-3ead-4865-a23e-3e33b5927c28
.innovid.com/	1970-01-20 14:09:21	Name: uuid Value: 931ac674-a234-401b-803d-79cdf42046c5-20230522 16:01:51
.shoot-yalla.to/	1970-01-20 21:21:21	Name: cto_bundle Value: hSkNf19lJTJGbkM5WkQlMkYlMkJqellJVDJIaHVEJTJGQjhWZ3VDdnlnNE0lMkIlMkZDRElXY3VVR2hkTlYwdXE0bkFORjRGZzJjUmRDV0pXTzJla3RUZ1FQOHNxT3klMkJQVzk1Q2J1dzJsVGVVS0htaU00MWNkTE10alZNdTJHQmFWNTBkb1hUb1pPYVpGakYwTVB0TFNUTUc0RDd3NWhHS2psdWNGQSUzRCUzRA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://shoot-yalla.to/(Line 1248) Message: <link rel=preload> must have a valid `as` value
javascript	error	URL: http://shoot-yalla.to/ Message: Access to font at 'https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf' from origin 'http://shoot-yalla.to' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://shoot-yalla.to/assets/fonts/Montserrat-SemiBold.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adipolo.com
ads.eu.criteo.com
adservice.google.com
adservice.google.nl
ag.innovid.com
ap.lijit.com
bea3c60389061a3808bab6673953f139.safeframe.googlesyndication.com
bidder.criteo.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dclk-match.dotomi.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
gum.criteo.com
imasdk.googleapis.com
jscdn.greeter.me
mediation.magnetssp.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.adtelligent.com
player.aplhb.adipolo.com
region1.google-analytics.com
rr5---sn-aigl6nz7.googlevideo.com
script.4dex.io
securepubads.g.doubleclick.net
shoot-yalla.to
static.criteo.net
static.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
web-api.scorarab.com
wrappers.geoedge.be
www.boomplaygames.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
shoot-yalla.to
104.21.87.59
13.32.99.102
143.204.215.128
151.101.129.108
151.101.66.49
172.217.18.98
178.250.7.13
188.114.97.3
2001:4860:4802:34::36
205.185.216.42
216.52.2.6
23.35.237.56
2600:9000:236e:d400:2:d490:4d80:93a1
2606:4700:20::ac43:4bf1
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4009:d::a
2a00:1450:4013:c16::78
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:fa8:8806:13::1400
2a03:90c0:41:2801::62
2a05:d01c:1d8:8101:725e:9f54:b469:50f2
2a06:98c1:3121::3
2a0c:5c81:5142::2
35.204.74.118
45.133.44.3
45.133.44.4
51.89.9.254
69.192.160.219
0089bc3f82e6db19e61218f7f47a40bf9d22746b0d2bc594047ca32b9dc5f7d9
0150c9ef6f209a240aed37fd795bcd20352d8afad80f5e8270532804b7a49f5b
04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0fb9ea4d5f1c48dfaf659e76fb3dd37bc38b207e33acfbf044ac7da6b299fdb3
1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b
147f0ee841b9402355af6f0b74053f9da6aeaf5a6dec2791372b3b49f7dd3531
159ad304f4605d9228753ad23f4166bdb139f111aed165b53060d662abc6ee73
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
183cf3c677a3f5c720eecd20963f52ccec2b6980c22a1122028bd0376faea0e5
199ff21e524f3282c8a7aba47b4acbcfecb8ac2f4339a08b2e4488bc980ffb17
1a07c84c642bac1c208783390262aa3f5872611d6626bd06d6ce88a070bfa5a1
1d7666209fd78007af6f00e6183895d519ddfc041df9b609274ea6f35e8ea3e3
229abf9ca0004df4e17355f58df83e0f9e85a2419b4c737cc4ec9a4fa8e9cb7c
2796a2f40b924e19ce69de411388af0f5a8c5e3319c8a102561e1721ada43256
2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
293c19f5431c259adecd02087591215923d070522c3e1153e40b5e5849593bf4
29a81374af84c6654bbe81b18f8b6ae362bd108d74a1d875ca505f1ab0685dc9
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c0cfdac5d0b00437a5c93b6b39504f10596df2c0b496454daed3d8ad34766b0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3283c09f88e990e40d307629c7ac10940ce484e7a755bcb4b6a5f442e74d5ca8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35ad92bb2e47d63ce3250b038f2c017eacfb824a3dd8def98d2c4df41bdfa82d
35fd5ae45917a9f0c249b5e2d3c47ee9a6064f1fd6c7c3d6943da47ac5280b8e
3bd0eaf4dc1727aea18802b69673426487f6e4553eeaa5a50cf1215b42090a2e
3d0358b0640518c788f9186ee5f124d3a0bcdf1f12a429ec555183a0a0b474da
445f76faa641b41b0b6acc9a2406ee3a586056b77106e40f6f567d580ab40c93
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
453f46dd7ff4e08b5d7261f6c97fb61e7a24d52de78ee8a582423ecdf1534f4c
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
462576cb2ab9372a628f97a39a182d80417a8cc2828b1a688f7f589dfb578b9a
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
4656d3d34e083d40271527db9963f9a56e8c9b4b61950569e4ec1036a86c4fb7
46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0
553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5784443c7ad0e64895f7a8b0f8da24eedd60a5b23488b9a735033326a5293b8c
58d40c4b17c6dfffa62b833355abe66f8b1f9843fc59f7c56eb29b388042c29e
5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055
5cf86ea3904f96ce75441057cc58106eedc9f049d34e2a7ed5023a87d916ec6a
5e4ce8695085f6d664e36c5a00db5b7ffbd49aeb6bb4022053ae375d64aaa98b
5eefb2b18050aba5b4bd169788755481f71753983624b6d65c71af7aeec0a987
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
60ebea2636a9ad64b3a38c2491fb59b38c07ef5399ee3a56a2e42ed72cc8d24a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64672af3b0d97c594185abedeb246c7b79164a879dcbae49f2facaf7486303c0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6932df820961730c0ea5fb9bb454dfc9b46f6fda723c09fd481b9184fa7ddf54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd6632a78536ac110f45dba520723c75f13dc78865cfa899331df5ab6c472df
6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5
714e12f6093f5ffbf0c50cfb2051c9c85b86e0bde08696b8d7763881da70dd85
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
75941d373739e8177aafb48f4f4b84cab22d23eb703a9985a67e6c5cd59442a6
78cbd26fbe05d68060057ad82c4f5418b7896e5c3416adca793873bebb659fcf
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7c3412f3f6fc8285795ada981ce5a07aaff8cdce61f916c65b423b86a2944381
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d831e121563f442bb2f84909f710a0c9cc68a17ea5a9ab8abb31dec500e7dd4
817504c104c8071a04f168dcc245705cb9641f44d97b2692ae5abe5e011c02e4
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
87c4c66ea1a66e9f284edd8febb3578e5cedff9a71db44595f0947f57580b880
894b8a5ba082b76664658849b9201138ce24a44bf36ed16301fc4ff2090a3bf4
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8e3e1e67aa1898a175da2612f00ee342a817599a4030b6a881c4724d4b0b1ffe
8ee327743ca88bb95d1de12d383f6834f568fba609a87144d769a2fcabdf7f23
95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6857632e43a6f399172aa492ffa275749359fa28ce997f006c868bd268851e
9d967064b3ed9a0e0bf921993317ebb3d8e94ca958e9555f34950f4cc14168d5
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a0463eef2b344b299a040c046459ae80d5ec7a18e49ce049a7b5ab73cc175053
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20c7bc67fd0a593ae6ca66c7ff52450cd97c93e321de8e5c433ea28f39857f9
a29aabb0d268f669a100b65e8ac6ff19345636dd564423c7f1524019c1257032
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9b3fc5c90db757df58e72833ecc00a86ff7d23044333a4da762e624c5ab4f4a
a9edad92940f52592a6b456ecf43426fca9534e506b030224556529a95e7359f
aa07d5a2d36db447685bd71c3487128373d0ccc06c8f37994d30d94ea1c6304b
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad4e637fbbb6d5918434b4e504cf410b60cac14bdeaf4b31a4f9032145ad03e2
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b4f472e6b83562a57596cbd4133dfef6345b81a4a3e63a4ce7f97d197957186d
beb499db090a05d188f20b735a295e34a021e50df24548dcacba536a2dc3a18b
c11508553ee7a01b778425131d54826715cc7e1988944c9d96506a90c111643f
c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c59b6ad634524c6d65a370db5738744a394f46edec429d01f9e0675f1fc723b4
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c7c5bbb4b01e3acf32cec3fae2352e715e96a6f2cb4a2570e3052280e262264c
d4bc386fd405f6ed2c3228bc2b0701f50234519bfeb43417ef6e8bdd1cfac31c
d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad
d5136f29160dfd66f25e9a02d0ba511505f4bb996567081afeb344777f54faf3
d819bd2570eef973dec45477c309c259218ac2baafd76c4cf012fb616885e8fb
dae943c311428fd611c619f9fdfbdcfe56ddbcb39b3b6d6c574ef087bbe8cf2f
db9725a00f53ca2f3a4140f8cfda2bf9e4dfb7118d1dcf68306fb778469ed729
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e106d048b80f677650e1a74fd03b1be6296b33a133b6f72cbcd329e3cb651bf2
e39175fec39bd1ba3aef3c7959bbd9fb3b5dc99e9430038f815a3184253b8a17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bcf2d5f315b4934bb16863b7e7437756f49f5c2fc23b3389f48b8b562bc820
e5dd633c997d867a35548d0121d221857f59ed6cf944303ea65ec75847b66207
e649b35544088098b1377693fd69e8ce8ab1fe3b34f67c45f020bfd14620f6ce
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eab61228b8c345ce533b8e078ee4cdd19702abbfa8d1bb9c165913fac7cf3464
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec810a2045c3f657194655f344fa89849aebd4624e109d97ca9030bfc45642f7
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c
f36c0d3594606f5e6ef9f485a89ee1dfe62396656e957b75841aeb79fa131fab
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa602dbac3c6503fbbb0f38c49a084f016960090e03b8c6e158c7f77a667198d
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
fd57ce402a088738dd0297e29f81b5a5d2f76255dd632e2f9e0eb010161e2ac7

shoot-yalla.to Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

199 Requests

92 %HTTPS

67 %IPv6

33 Domains

48 Subdomains

46 IPs

7 Countries

7581 kBTransfer

12414 kBSize

26 Cookies

6 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shoot-yalla.to Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

92 %
HTTPS

67 %
IPv6

33
Domains

48
Subdomains

46
IPs

7
Countries

7581 kB
Transfer

12414 kB
Size

26
Cookies

199 HTTP transactions
7 data transactions