hd.yalla-shoot.io Open in urlscan Pro
2606:4700:3038::6815:ea8a  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

• https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUQxN0ZEQ0UtN0YyOS00NUY2LTk0QTEtNTk1RjdGRkJDRTYz&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 82

• https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
• https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hd.yalla-shoot.io/M/	80 KB 17 KB	209ms 167ms	Document text/html	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63a2873dce14c6ce0abca75d0e02fd1c3db409eb69e7d703501c7a6ef78a3a40 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 cf-cache-status DYNAMIC cf-ray 700f2bddddea9b80-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 24 Apr 2022 13:26:34 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" link <https://hd.yalla-shoot.io:2096/wp-json/>; rel="https://api.w.org/" <https://hd.yalla-shoot.io:2096/wp-json/wp/v2/pages/8972>; rel="alternate"; type="application/json" <https://hd.yalla-shoot.io:2096/?p=8972>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDJWWe%2Ft5r8jQDWC3OSDGDbcC5RAdL6qqQsy670Z0e3HnUmNWSlAAJIXnL9Zb0on8d9mAGcoHKeoZ35TnTQoBNUqBb61vTGq68IAi0lpQyFdsdMgQ40D16j3FagNaP1siiog88aAx96sBfAO0NLRolm8imYV"}],"group":"cf-nel","max_age":604800} server cloudflare x-fastcgi-cache MISS
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	84 KB 29 KB	74ms 24ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash 1234e70845884be8d81e003b2bcd958864cb1e0c02709b98ae6a28f816768a7a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28697 x-xss-protection 0 server sffe etag "1195 / 332 of 1000 / last-modified: 1650665455" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 24 Apr 2022 13:26:34 GMT
GET H2	200	logo.png hd.yalla-shoot.io/wp-content/themes/YallaShoot1/img/	4 KB 4 KB	21ms 21ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/img/logo.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 01 Jan 2022 19:02:44 GMT server cloudflare etag "61d0a554-fff" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1zuIBwL%2B9CMU3QLxQQI76fJuUqZrw4b1dY7wUhmJ3N3ZCVE2qR%2B2Rnb%2FCQPtOb8NProwt%2Fxsrym6sltQy8iZKl8J9n1xlvIJDyKqJWjI6UJQClI2n5jQ64J10C5jyigZDcnBrHvF7JmvqaSDFQuA36jQVuI"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdf49ae9b80-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 4095
GET H2	200	js Show response www.googletagmanager.com/gtag/	98 KB 38 KB	57ms 23ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-107335079-1 Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4b9036c54ca1c06aaca9bc5de1563dedd788a9ed92af20cd8c89c2ed5a62471d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38832 x-xss-protection 0 last-modified Sun, 24 Apr 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 24 Apr 2022 13:26:34 GMT
GET H2	200	lazyload.js Show response hd.yalla-shoot.io/wp-content/themes/YallaShoot1/js/	7 KB 3 KB	36ms 36ms	Script application/javascript	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/js/lazyload.js Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4b49d4d31bafde40cecd2f1810924311d1c8e3809fbaaddc3a1578c3e18b34e Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding br cf-cache-status DYNAMIC last-modified Sun, 02 Jan 2022 15:54:22 GMT server cloudflare etag W/"61d1caae-1c9f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf0w0w8mSTTX4WYXe1lqxXJX%2BtRStq5B%2BK3kwfuKi1HMw%2FueMvgPkuIS0xTSlE4%2BrFvniMYdPWMPY4lLOnmXmkCevCsWBHuc%2FgJTFjI7PGQ8SLOvN9eOqb4%2FdsD%2FrwrtMOJV1WPj5Gb7zfTz%2F48VZESrevh%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 700f2bdf49c79b80-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
GET DATA	200 OK	truncated /	451 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	401 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	944 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	248 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	460 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H2	200	NeoSansArabic.woff hd.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/	56 KB 56 KB	30ms 30ms	Font font/woff	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hd.yalla-shoot.io:2096/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6 Request headers Referer https://hd.yalla-shoot.io:2096/M/ Origin https://hd.yalla-shoot.io:2096 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 01 Jan 2022 19:02:44 GMT server cloudflare etag "61d0a554-e014" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bi%2BLqFcWDYYIFuSPfr4JBd5qjT0sZzugoihKOyFGOIgny%2F0XA100HWfYFM%2Fi0G4paP0iWIMtApPNmgqwZ0Dmcv9dnCSh7wqJ1nmQqd1UslTxKahnfnh6Km9kiV1tgl7NmZhe2EKBgMuxV%2B0Z7L8bH5rIaSz"}],"group":"cf-nel","max_age":604800} content-type font/woff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdf59d59b80-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 57364
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	500 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H3	200	Wdad.png hd.yalla-shoot.io/wp-content/uploads/2021/07/	12 KB 13 KB	53ms 52ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/Wdad.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0585f91482c9433b371244de0de20f09ce712b2e3ba588008ebb67c6a1c9c4a5 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Wed, 14 Jul 2021 06:11:45 GMT server cloudflare etag "60ee8021-312d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKSFUhFFtHElGYHmlthd%2FTsnJvzbvO06PVgqcoa0AdP%2FM56fpxUo5sQpO3LAz2eJPXdxayAY3hbkj4EqC7PE61LXAKCa0p6ZthqWFOQQ9KC2TjN7sfWTuRY0LSrog%2Bsar5iVbT2aH0A3%2B4ohWeuSAcaWeSIl"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa8d90b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 12589
GET H3	200	Belouizdad-2.png hd.yalla-shoot.io/wp-content/uploads/2022/02/	13 KB 13 KB	46ms 45ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/Belouizdad-2.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63f173606ccdf205a1815960748a257b78ee74651f22bf90d47c79b2d972fbf5 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Fri, 11 Feb 2022 04:15:18 GMT server cloudflare etag "6205e2d6-32b7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2Fsx9%2FDt0%2BH%2BAFrbfkXrEnZiewrQD3VLRl3kTyRKPvgNW4oRW6h7Xa%2B8Mt4EGCBiELseUrKq%2BcMO%2Fkv03T007FOSHpET0INo%2BEhYdlbsa2Syvb79Z5ZYbAS0qCldEFO%2BjgSOz8idnNiyPZ9YTFNQabugyvS%2B"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa8f90b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 12983
GET H3	200	Untitled-2-copy.png hd.yalla-shoot.io/wp-content/uploads/2022/02/	20 KB 21 KB	44ms 43ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/Untitled-2-copy.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 286a5b32310f7ec05ad54c47d1f0f35e85543a72cc21c291e588a81d62f463cf Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 19 Feb 2022 16:38:03 GMT server cloudflare etag "62111ceb-50e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUYZFj1YwbC3aV6rn%2F2OuPOAxHNnfaypvlQcjOn7uudb27tfaPPiuqvjW%2BhjKrjzgLZJrELBPn4mXm77D9kF0KLIRW93zWg3iJk7FW4F9GlH4l0xqBaLjZzIFkRxyWo6xGWLwQzbjwTKB6TQp%2FWu7EphIyJ0"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa9390b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 20705
GET H3	200	880UCbaux4wc8GngA9SLw_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/06/	10 KB 10 KB	45ms 43ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/06/880UCbaux4wc8GngA9SLw_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0336209db3d58512c01a8426dbb6970311966fdb25b7d18f0773115cc385b71c Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Mon, 14 Jun 2021 01:44:41 GMT server cloudflare etag "60c6b489-269f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aopKR0PL0cjxt1UEshEl4F0kPrGy9Sqcf9%2Fu7CVk0nzuMcwJ2TFWwKbbH9FLer4Xt7gHSfu6avTLeXWDy5YChEQ2fXEkqFz1AKoDima%2FHHCXLu1xKtoqDglGTy4c61u4V9aT7o%2B%2FH7osmb%2FxALuCLJHwCF3"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa9490b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 9887
GET H3	200	fhBITrIlbQxhVB6IjxUO6Q_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/07/	15 KB 15 KB	38ms 36ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/fhBITrIlbQxhVB6IjxUO6Q_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35842d39e7a17d060febc97a1fcac74a9e44c5f63b63cc49c2235e69ed96a607 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Tue, 27 Jul 2021 03:54:44 GMT server cloudflare etag "60ff8384-3a83" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FerGyysGGjVXk%2Bq5MqB4wPLE0EbXwx4Rwk558IUNJzId%2Bst1z%2FAVwyRd5hyBzxrB4pJzxBxFdNuR0qksKIaroKzKnGydn6NP4DNss9AOaojy3cxLnkMJa0YWMJT5OW%2BWdlsZAoxd4IWL9ibUm36W5fMYgQp"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa9690b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 14979
GET H3	200	bXkiyIzsbDip3x2FFcUU3A_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/08/	8 KB 9 KB	38ms 36ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/08/bXkiyIzsbDip3x2FFcUU3A_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 657417a00a5ff05306956083ba5be0114389aa87fbc9a75aef1441c9f9eda1ac Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 14 Aug 2021 14:38:21 GMT server cloudflare etag "6117d55d-20c3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Bu0w74h1WOSOmzYJSsVYRr8y55P%2BHenEq1Ehy6SX5604CnSqwLi6yxAJ7dGl%2FSUU%2FbGoZnx9J8anMJScHxnszJU7ezUYcowNUtSkyMfHqaQmp5pDiO2s9omDY2IRlZ2OU94beOrUGcXBJF%2B7QbBxJ34zZ9O"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa9890b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 8387
GET H3	200	teLLSaMXim_8BA1d93sMng_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/08/	9 KB 9 KB	30ms 28ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/08/teLLSaMXim_8BA1d93sMng_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab1b83bfd51c5d9eefd73f150e78dc47df7b0fcbd309f38e94274b02e2d463da Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 21 Aug 2021 08:51:46 GMT server cloudflare etag "6120bea2-2358" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF1GEJbjAEcdnscEZ29t6gFKCNOuZIWBdSooPQMpQv1BQ%2FMZM67ZCgP4Ak0VhhFIgdQmjNMeRSDCSF36kOG3X31K19KUc4wxaKKvk%2FjJvYtJjOg79tiS5CgOvoL2%2FrFXwxucpr1zP62OzcaAMFTrv7rTMYU%2B"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaa9b90b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 9048
GET H3	200	WjHLbBIQO9xE2e2MW3OPQ_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/08/	5 KB 5 KB	30ms 29ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/08/WjHLbBIQO9xE2e2MW3OPQ_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b93e9782c75de42f0990823129a2569f7a2e48d73eff8c88c1f4310284d73b6b Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 14 Aug 2021 14:21:41 GMT server cloudflare etag "6117d175-12c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5XXdzuPARAyBaU%2FKyrhg4T3NJEPP2tf73%2FjDPJMwJLaokhwOvvPZvo1zQsgkRjst9wMyHqsiGZyrbPrmJYxwaEMmW4UQ760WFNleaa0mObw80JVzzCzzRpl%2BgCALZdOpQ9sabRSfdqBlZ6w2QoZKxORNiNs"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa090b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 4805
GET H3	200	vyezOynQ97AOBHEaClxZrg_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/08/	7 KB 8 KB	54ms 53ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/08/vyezOynQ97AOBHEaClxZrg_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01ae0cc78d53df6a23038d7bdb4e23adc2aeac0a294581bef96ce14e75b1b3d3 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 28 Aug 2021 08:36:18 GMT server cloudflare etag "6129f582-1d44" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1B1PfDpKNpJs%2B78POD4xaxOrn7cPR6QFeNZBP64j%2BVU2fEbwTsdPmXRCnc53kSIQczYjsLRzEgMxuj8PhBfgoqo9O8C4B64oiTorvtQpZQa85EkQTTdLu%2B2vYOJWLUtbNZHneQ9GwGGR3jboj9xS%2FPUS2K3"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa190b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 7492
GET H3	200	PWRLYBJqlGrAAsKkUN6eng_96x96-1.png hd.yalla-shoot.io/wp-content/uploads/2021/07/	6 KB 6 KB	59ms 58ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/PWRLYBJqlGrAAsKkUN6eng_96x96-1.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15048b01cdcb5147c7944d4cee9e9ff684e9a36af1d99979bb79eb8227dcdab3 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 31 Jul 2021 09:45:19 GMT server cloudflare etag "61051baf-16ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOwAnZNEIyqiQxv8i5Q5GWBnghV%2Fncd%2FqNJNFmSteACISeAaR9BHv4W8I0yHEW87izD%2B%2B8oZ%2BYY2oSc6BEnj5pqZ7Q9pc2WVONz%2BhcP9AkdkGN4cag%2FsPsO4LQZjAvBOpO11O7vsYCVZcS7HJ0Pe58wXmpT%2B"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa290b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 5805
GET H3	200	0iShHhASp5q1SL4JhtwJiw_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/07/	12 KB 12 KB	60ms 59ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/0iShHhASp5q1SL4JhtwJiw_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3951ee776ddd1c565f08b4784352be94d617e14f6e56bcdfd8c57b87855d89c2 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Fri, 23 Jul 2021 03:35:16 GMT server cloudflare etag "60fa38f4-2e86" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTUkGDTWrM3KZKojcQPcU3ikavC0G7sP2jrzcT444ehQh%2Bna%2FQEOq0Dcy9OIy7qGYuE6xLJI%2FpD4KwGtrct2aUi4D52JHw5aGG85QI3vwRbIQrbMpnDk67JgxpKevP71C28tnSzoACvV8EwSrpN4R1JOYX%2FB"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa390b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 11910
GET H3	200	Untitled-5-copy.png hd.yalla-shoot.io/wp-content/uploads/2021/08/	18 KB 18 KB	60ms 59ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/08/Untitled-5-copy.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 739aa815e978c889b91ba03ede09a6f3e5f953857d8564074352cb844d4a26ef Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Aug 2021 03:05:58 GMT server cloudflare etag "610df896-4657" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGQ%2B9MyoEBkVxvr66k7I9EmTF12ts%2BQLOK%2BNIi9DdAVsz%2FzXlbEwEPBgJHTSoX6D3ofvVA5nv6BB8xXqOfTX0cP%2BVo9Qy%2F0x1JlLKdZjHqpBclPpwltuyZckbmO%2Fbb4oDcfYtXlJFmt6s56enH%2B6%2FKpbyjiT"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa490b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 18007
GET H3	200	jcKKlUVaNw3br9cIyOKmQA_96x96.png hd.yalla-shoot.io/wp-content/uploads/2022/02/	5 KB 5 KB	61ms 60ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2022/02/jcKKlUVaNw3br9cIyOKmQA_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e261ce61a9b803e3337b452ffedcc63ec5eec5ad858e60258502ce258d2022e Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Fri, 18 Feb 2022 04:40:36 GMT server cloudflare etag "620f2344-134d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbeMadDZTNvY6%2Fupw3eO3fTIuNpu1gSCSODcRJU1IN5fXtUZer5S7yaxTVXUEXhnxQHndmDGTO4AhefvlSBW2bLTWq3gMUKtaVgAYm%2FW9Q32xCgedO2xTua%2FN8p2apiCWHeXO%2BXjV85EqkJn31ze8G9ZA4PB"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa590b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 4941
GET H3	200	VoKsJ6RitaHGhsM62e6AXQ_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/07/	8 KB 9 KB	36ms 35ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/VoKsJ6RitaHGhsM62e6AXQ_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28c33e9f6778c5ecef99513343b186c525965b39d6c243c4d676b65980afd81e Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Sat, 24 Jul 2021 05:26:30 GMT server cloudflare etag "60fba486-2194" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7S4lVysWYxi%2FePa8tLoeAr3BYAEYxmk5o3kymyx6m41S4CUgJK4LnZOLVg3HqFxSa2yVhQmB3WyFIG8beNb2f3ancn2aX1cSJQHb6CagNCAbOysuJSsvPP12esKJ6%2BRe79UJMGRM7%2FBEbl5Lo%2BEwd5sRsJs"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa690b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 8596
GET H3	200	download-3.png hd.yalla-shoot.io/wp-content/uploads/2021/07/	8 KB 9 KB	61ms 60ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/07/download-3.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16a5ce5934d75798b46be01081158c51f74c5afab13bb0be004a1dd875578ad7 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Wed, 21 Jul 2021 00:06:45 GMT server cloudflare etag "60f76515-2154" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMyQGJvG2Ku%2B815lPEPvmiXu3%2BT6erNG199zeSY1AO9GtOC2ttGf%2BbCgHbgUw7jc6crxYBTy%2FR5TP6CuT2C%2FiodQBTC2ho3sEutILKG4ckt%2BmQsHqNTsPFX2fw7IWwOuIn0vY3tEvnyH4VXkBDiPoS3EMT1z"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa890b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 8532
GET H3	200	i5LifmxEVIl0sbvIysiyhw_96x96.png hd.yalla-shoot.io/wp-content/uploads/2021/10/	10 KB 11 KB	62ms 62ms	Image image/png	2606:4700:3038::6815:ea8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hd.yalla-shoot.io:2096/wp-content/uploads/2021/10/i5LifmxEVIl0sbvIysiyhw_96x96.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ea8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ccbdfa9d42cf24732366ce8c2b397e1fa1df53fe715855b0d641f8f2b5de0d2 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/M/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT cf-cache-status DYNAMIC last-modified Wed, 27 Oct 2021 13:30:14 GMT server cloudflare etag "61795466-2897" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDP4H9Pyo47FYcM8WLbg65kewMKcw6Bpyr7ME6F59TfJApx8OC9nOUPmC%2FWzPDjfeM0Fd2KNZNZB1flgVEu%2FXps5yH8ZpRul8vcAj0wkH0%2BArqP9WG5ak01EV5fTgFoz4Uk1Lc1xJeir8mR1RLLHGTP1TNFY"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 700f2bdfaaa990b5-FRA alt-svc h3=":2096"; ma=86400, h3-29=":2096"; ma=86400 content-length 10391
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	50ms 12ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4163 date Sun, 24 Apr 2022 12:17:11 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 24 Apr 2022 14:17:11 GMT
GET H3	200	pubads_impl_2022041801.js Show response securepubads.g.doubleclick.net/gpt/	362 KB 123 KB	44ms 13ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 07:33:23 GMT content-encoding gzip x-content-type-options nosniff age 21191 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125970 x-xss-protection 0 last-modified Mon, 18 Apr 2022 08:34:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 24 Apr 2023 07:33:23 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	215 B 152 B	52ms 22ms	XHR application/json	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hd.yalla-shoot.io%3A2096 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash fd27f74d4868f5f00c5f4cd68bf60a57a09a18af02abb1a1ce62b3648655846b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Apr 2022 13:26:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127 x-xss-protection 0 expires Sun, 24 Apr 2022 13:26:34 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	48ms 20ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=708627079&t=pageview&_s=1&dl=https%3A%2F%2Fhd.yalla-shoot.io%2FM%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=882195672&gjid=1735573747&cid=522715690.1650806794&tid=UA-107335079-1&_gid=1987757764.1650806794&_r=1&gtm=2ou4k0&z=296536888 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://hd.yalla-shoot.io:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 24 Apr 2022 13:26:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	98ms 25ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=hd.yalla-shoot.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Apr 2022 13:26:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	59ms 22ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Apr 2022 13:26:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	948 B 549 B	491ms 490ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173032700303802&correlator=2410539926938001&eid=31067094%2C31067209%2C31067071%2C31061828&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=4290626634&sfv=1-0-38&ecs=20220424&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650806794330&lmt=1650806794&dlt=1650806794069&idt=229&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=522715690.1650806794&ga_sid=1650806794&ga_hid=708627079&ga_fc=true&btvi=-1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 856c75500da4c13bb9c8eaf367fbf6c94501873bf21a1b9375af590f34fb1dd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 519 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	441 B 275 B	803ms 803ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173032700303802&correlator=2410539926938001&eid=31067094%2C31067209%2C31067071%2C31061828&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Cresponsivetag&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=2&adks=2355083197&sfv=1-0-38&ecs=20220424&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650806794335&lmt=1650806794&dlt=1650806794069&idt=229&biw=1600&bih=1200&adxs=315&adys=110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=522715690.1650806794&ga_sid=1650806794&ga_hid=708627079&ga_fc=true&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 032bd548e0568bd20022f9e1a4bc27f445c9bac5b67523a1e778027b55bf2ad2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 245 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 9 KB	971ms 971ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173032700303802&correlator=2410539926938001&eid=31067094%2C31067209%2C31067071%2C31061828&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=3&adks=3015207014&sfv=1-0-38&ecs=20220424&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650806794338&lmt=1650806794&dlt=1650806794069&idt=229&biw=1600&bih=1200&adxs=436&adys=168&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=522715690.1650806794&ga_sid=1650806794&ga_hid=708627079&ga_fc=true&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash f2a55eaa95b373802dabba7b57c47e617f3d02ba1b17eeac44ee712e7d100133 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9209 x-xss-protection 0 google-lineitem-id 5778121850 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138361598025 content-type text/plain; charset=UTF-8 access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	441 B 270 B	312ms 312ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173032700303802&correlator=2410539926938001&eid=31067094%2C31067209%2C31067071%2C31061828&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fif&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Cresponsivetag&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=4&adks=3339941547&sfv=1-0-38&ecs=20220424&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650806794340&lmt=1650806794&dlt=1650806794069&idt=229&biw=1600&bih=1200&adxs=315&adys=1301&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=522715690.1650806794&ga_sid=1650806794&ga_hid=708627079&ga_fc=true&btvi=1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 95d393ce48ef2f533c1d2d6d51dc92c3434a3867002e1e41d40024c858f66d1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	52 KB 11 KB	305ms 305ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1173032700303802&correlator=2410539926938001&eid=31067094%2C31067209%2C31067071%2C31061828&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fif&iu_parts=7047%3A22405246745%2Cnativefeedapl&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=5&adks=1751743422&sfv=1-0-38&ecs=20220424&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650806794342&lmt=1650806794&dlt=1650806794069&idt=229&biw=1600&bih=1200&adxs=300&adys=2624&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1024x0&msz=1000x0&fws=0&ohw=0&ga_vid=522715690.1650806794&ga_sid=1650806794&ga_hid=708627079&ga_fc=true&btvi=2&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 573026ef2c2aa56171f08e19366724e4621fab3f1e4b83beb5c2361ad6a9dede Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11646 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://hd.yalla-shoot.io:2096 access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response b3e5e1a8753af3efdb1042b76d4c55ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADA6	6 KB 4 KB	74ms 22ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b3e5e1a8753af3efdb1042b76d4c55ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hd.yalla-shoot.io:2096/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 24 Apr 2022 13:26:34 GMT expires Mon, 24 Apr 2023 13:26:34 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads_2022041801.js Show response securepubads.g.doubleclick.net/gpt/	35 KB 13 KB	13ms 13ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022041801.js?cb=31067209 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash 294d469e73c0d495bf74e979c340d8c18a45d4b2bc8de4a651a495c0e0b3fd90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Wed, 20 Apr 2022 11:56:39 GMT content-encoding gzip x-content-type-options nosniff age 350995 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13271 x-xss-protection 0 last-modified Mon, 18 Apr 2022 08:34:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 20 Apr 2023 11:56:39 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	85ms 28ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b2647768a8a40c870ce30fff6f64d8dc842642b40361cc8098bc5a0feb925796 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Apr 2022 13:26:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10709 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	100ms 25ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Apr 2022 13:26:34 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012203150226000/ Frame F887	222 KB 62 KB	50ms 15ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 183316 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62084 x-xss-protection 0 server sffe date Fri, 22 Apr 2022 10:31:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "fa1474a6dd6481f4" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 22 Apr 2023 10:31:18 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame F887	16 KB 6 KB	74ms 39ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 183316 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 server sffe date Fri, 22 Apr 2022 10:31:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d91e62368f79b48d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 22 Apr 2023 10:31:18 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame F887	96 KB 29 KB	76ms 41ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 183316 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29618 x-xss-protection 0 server sffe date Fri, 22 Apr 2022 10:31:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9a9baa9802fa29d2" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 22 Apr 2023 10:31:18 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame F887	5 KB 2 KB	81ms 46ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 183316 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1900 x-xss-protection 0 server sffe date Fri, 22 Apr 2022 10:31:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "3393210d007db9ca" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 22 Apr 2023 10:31:18 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012203150226000/v0/ Frame F887	42 KB 13 KB	82ms 47ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 183316 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13669 x-xss-protection 0 server sffe date Fri, 22 Apr 2022 10:31:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "565eca32a909292d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 22 Apr 2023 10:31:18 GMT
GET H2	200	css fonts.googleapis.com/ Frame F887	4 KB 691 B	70ms 24ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 24 Apr 2022 12:46:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 24 Apr 2022 13:26:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Apr 2022 13:26:34 GMT
GET H2	200	css fonts.googleapis.com/ Frame F887	4 KB 1 KB	70ms 24ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500&text= Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 24 Apr 2022 11:52:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 24 Apr 2022 13:26:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Apr 2022 13:26:34 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/13499413586715863570/ Frame F887	92 KB 92 KB	92ms 39ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13499413586715863570/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qn7mUnRXYpNiqwSjvMVfga0U-hmyg Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8813908dd93e9ab749fa1e638afcb84bfa9df4d08460e6b92c9277e71fec7ec4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 18 Apr 2022 13:52:03 GMT x-content-type-options nosniff age 516871 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93721 x-xss-protection 0 last-modified Sat, 09 May 2020 06:49:51 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 18 Apr 2023 13:52:03 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/293863387420335894/ Frame F887	23 KB 23 KB	82ms 29ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/293863387420335894/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlImMl-TVKwzhBdMrwU8lFs0pEUsQ Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de8e1bffc02b4eaa27b05a574b6165d33c1ed8e2680345ee8b97113dfd65890d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Wed, 20 Apr 2022 05:21:23 GMT x-content-type-options nosniff age 374711 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23767 x-xss-protection 0 last-modified Thu, 21 May 2020 11:50:26 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 20 Apr 2023 05:21:23 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F887	0 0	60ms 60ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CigiRClBlYtzTF5Ty3gOf4ITQC7GYiN5p54nmxf4LloLNhYgWEAEgudvzJmCVgoCAmAegAa_s898CyAEGqQLq8IMTMh-yPuACAKgDAcgDCqoE-wFP0BtyDEVcHpucBrEFsFbjokKJzdVnzYXzqkW0LZ8o2et5F90K5GYjw2OX1ELMIyvH3hCAlQ9ost0NZ9gk7PdB_sBcSQ9q2NHPxJo9v0N5ysivajdvQkODS8NdhuntbOVfL52mkBXr6HsgbJjJPcSnMz6XIL4YVahoVsCD8eNtZPSdlDpr1YrkEw0hP1ygElQ48rcWOKqiUUgv-pCc8mnSZn7lZPESqV7R2HMIDzapmMU4_Ju5GVuBQyoq8fGGJYHaQ5RLuS9G5Ulrb7yCR0U42jlS2dgSThnxQra9FIBcogdR8oOOnpddI0HO2L9HMcpObaah7ZqvPEOfZ8AE-qap7_sC4AQBkgUECAQYAZIFBAgFGASgBjeAB7mTjKABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqYMH0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMTUyMjk3MTk5Nzg2Njg0gAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAY5MMO&sigh=-hqTGaLiJ10&uach_m=[UACH]&template_id=492 Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame F887	0 0	58ms 21ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQX_VMjJY9j1adbgPJYiWzVFiGaIm3wIIdz1Lx7H3jfOKluwWqPpji3xASOetalbu0WMfrcRrd5KEFJ9C9WZL4mQ4KYMA Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers
GET H3	200	ar.png tpc.googlesyndication.com/pagead/images/abg/ Frame F887	3 KB 3 KB	80ms 28ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ar.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sat, 23 Apr 2022 18:59:49 GMT x-content-type-options nosniff server cafe age 66405 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 9421415325968714010 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2737 x-xss-protection 0 expires Sun, 24 Apr 2022 18:59:49 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame F887	344 B 368 B	77ms 25ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 06:46:14 GMT x-content-type-options nosniff server cafe age 24020 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6766994032117382215 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Mon, 25 Apr 2022 06:46:14 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F37	13 KB 5 KB	68ms 25ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hd.yalla-shoot.io:2096/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2294 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 24 Apr 2022 12:48:20 GMT expires Mon, 24 Apr 2023 12:48:20 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 00FD	783 B 998 B	49ms 23ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 54fa6ac54792e95bd3b4ef54df98c3c4304c465687413369cbd79dcb7e10fb47 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Fd4qppeSsJOHXufDi2Tlfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://hd.yalla-shoot.io:2096/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-Fd4qppeSsJOHXufDi2Tlfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 24 Apr 2022 13:26:34 GMT expires Sun, 24 Apr 2022 13:26:34 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 00FD	0 0	77ms 49ms	Image text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=1173032700303802&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame F887	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cdabaeff5a7f45e85cbc2e96f3d89f82ca94da368d2a9750da55ee816d589575 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame F887	16 KB 16 KB	49ms 13ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hd.yalla-shoot.io:2096 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Tue, 19 Apr 2022 14:02:01 GMT x-content-type-options nosniff age 429873 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 19 Apr 2023 14:02:01 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/ Frame F887	15 KB 15 KB	53ms 17ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hd.yalla-shoot.io:2096 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Fri, 22 Apr 2022 01:46:21 GMT x-content-type-options nosniff age 214813 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 22 Apr 2023 01:46:21 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame F887 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	142ms 141ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Redirect headers date Sun, 24 Apr 2022 13:26:34 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response pagead2.googlesyndication.com/bg/ Frame 9F37	35 KB 13 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 12:31:20 GMT content-encoding br x-content-type-options nosniff age 3314 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13694 x-xss-protection 0 last-modified Tue, 19 Apr 2022 11:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 24 Apr 2023 12:31:20 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 9F37	0 9 B	25ms 24ms	Image text/plain	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?-hJwkQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 4DD2	0 0	51ms 50ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9CFN7K4trJOhPYmML-ygmkz5dksFR54LfWmGCmDDCfx2cJmN7eYfVLi8Mqw1UHvD_VwqchlEZV-8Wp-LzgjDkRGvWDtCqWDY4U4veOZT2RQjV-RTVAgX2GOiE0s1GW8DqEfQ2tkbE1PvHXsaeC568FccOOdiSvvoHtoe4lhpnkCKWBuNcTi9F5eWihxPuO5xxINIih_nYqi2X9IYhxvFTpOapEOTJjA7cGgKXYlEUtArYnjxbrI3zUH_vS98dST8fQEoux2dnIbr7Zj8e31ckbSHBI-2F7qFBhYx65Ewbd0cEr07gDj_YS5KFd6MuQiWQ&sai=AMfl-YRPLtZr37zpm2eEFBHVD2upRflf7I5U0_HrLm-e6Ke1EyteWJVtbwfGXIDirtW4yCzSEWO5Qsk7OYiDVo6JTeNFC0gktM2GoT4DAE469Z09fKzl0cohhLvoyF0uQd8f&sig=Cg0ArKJSzEM4wr0rdsliEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: hd.yalla-shoot.io URL: https://hd.yalla-shoot.io:2096/M/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Apr 2022 13:26:35 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	/ Show response ads.projectagoraservices.com/ Frame 4DD2	3 KB 1 KB	75ms 7ms	Script application/javascript	2a02:26f0:3500:11::215:14c8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.projectagoraservices.com/?id=16551&schain= Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:11::215:14c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c9bcc81e0b9641657dafe3db8444c81a5cfd0b8753a0363921d5c13fb5981bcd Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Sun, 24 Apr 2022 13:26:35 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript cache-control private, no-cache, no-store, must-revalidate content-length 1079 expires Sun, 24 Apr 2022 13:26:35 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4DD2	119 KB 37 KB	95ms 26ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36950 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1650454428054601" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Apr 2022 13:26:35 GMT
GET H2	200	pav2.min.js Show response cdn.projectagora-adtag-library.com/adtag/latest/ Frame 4DD2	32 KB 8 KB	49ms 8ms	Script text/javascript	2a02:26f0:3500:11::215:14d1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=16551&schain= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash b7edd1b091c1961782538d1f5cd59291802509f51460bbcc1ef8f4e8b146bcf5 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding gzip last-modified Mon, 28 Mar 2022 09:27:16 GMT server UploadServer etag "9aaa7e8ac00d9d5c896999452c73a4e0" vary Accept-Encoding x-goog-hash crc32c=Sr4WFA==, md5=mqp+isANnVyJaZlFLHOk4A== content-type text/javascript x-goog-storage-class STANDARD x-goog-custom-time 1970-01-01T00:00:00Z cache-control private, max-age=86400 x-amz-meta- accept-ranges bytes x-guploader-uploadid ADPycdsuElr4oonYEoe0AxU6GMm0vnQGLrKBtCOlsfg2N-_S-nqHXRzlmpqjJivt7mFvdFzbKvgBZmWNSFM5Iq_wurUFyJX17w content-length 7567
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	81ms 81ms	Image text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=1173032700303802&bg=!fX6lfjrNAAYXWUUuN1k7ACkAdvg8Ws6aQk3LuCXllAuBeMZIR5e3RiuYIPUcxIAhN8qOgyTWStpG4QIAAABiUgAAAAVoAQcKAFp1H6prr9UADM8_4m70GZSOtIlHkdE13-MFl51ndihpRvgA5g2JKb9HJaGk3SAP7b5HfzKgnh8qz-27DzoEAytvYtq5DAAQ60DtqmJDt1_F54X9dAcBm44utMWZAq1THQ8XtYCEe-PI8aD6AUi-9gIzD8JQFh_EUSEWGIkl06kNhZ9UafI0Hs0bSfFkCpfsH-OabQbBLwWDqCFIByk261QbOEIkD9YxTJmALqFU6LtHxeVVYSu2wTGBBkKkjDCre6obkfQMFJb3_3HIXDlIVtjQvn1w24KqFoiWDfea9htcJ2hSeuR7R_6NRtt4Mxqy1aMhaqz63CUEeUMgKngYlCuOtz3dHoBj4Ru7x2v7nn9eKAT9PMeCQ7U8bM9OEGsQ4CW507KFJ_Ahq4mbbRleIed4rEUwiexZIh9Mr8ywaCA-C2QzD66SV1hMCLRnO34a0Z65pRUv99npl0iFFb3wbD_1cJmHLiW254vO3U1LiRB2cYw4vWPzYrpVOoMRD2G2ywZPv2gKlbbRK0baC8gc43od14eyIwaW0qE5DbYzh8iIBti-NZtXoUyOG-zRcN-qDNFrn6yHnEHBnvsulHuxaAKw3Z_I085909IQiTcf7tN_3qVtt6DTzBs6KByg8QWx7KLAMoKgVH_IoqFEI072qrXjjyjS389qfjpsmRcugZL4ot0HPnwN6SEfUXkHpH5s8r3JtWBlh_DrZNbG_246roUB_UJx3cFo1kWAXd20FiN1T_1lzpzseGDZ6ZF65xl2Xllsjb5SmaIg8npWsq7SQG3Su8ZHWLh0xbbEznIxo9Q8P0-OnuP55lwWLd2JEPpvUOzRyVAUO07Fo9DUaIWvHf-U_OBsP3HrXHq6-62UF9ilzuM5r2xuD7xgjkBw8nsaMP4nM6-qxqRpaqP-vW5v_mSk33Wfgn6uWiF0MtpeWXUX3mpx1A1ISAANc-niU2yX3vc3yE3Dnqv8CQXquf47qpznNCYD9si5IwqSYUXPsLv1p2QQdoAerDS4iYd-T5LFs3IfolP88Ewl_bqZ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 4DD2	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 18be4d0de4a065703e177a658c1976fe16151d20d9e4268ab2dc9d134577b7d3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Type image/png
GET H2	200	prebid.js Show response cdn.projectagora-adtag-library.com/prebid/latest/ Frame 4DD2	349 KB 112 KB	8ms 8ms	Script text/javascript	2a02:26f0:3500:11::215:14d1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding gzip last-modified Thu, 13 Jan 2022 08:59:57 GMT server UploadServer etag "11268851b1fae583284d891ae77d8f75" vary Accept-Encoding x-goog-hash crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ== content-type text/javascript x-goog-storage-class STANDARD x-goog-custom-time 1970-01-01T00:00:00Z cache-control private, max-age=86400 x-amz-meta- accept-ranges bytes x-guploader-uploadid ADPycdsjm3lF0dMkg8uMA6FbXlBQxO_ITjEeWviUrRoC0-W5BkqAJBf2UpGIhmOVIYI7vd2meIHZWLvVI0KRpxgvcP0 content-length 113743
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 4DD2	0 0	48ms 48ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgpVnYFNl3yat6_2XlkjuS1Ux6OPcUvz8cpQnovUx2dGZMejrs4CXS7y6oiIpiNNUtmAO65b0q43McQZIi5ykZPGU62yiF65E9QUPDJFHC1csUsUqUf8ADSqyPH5QK_8Mh23vuic4QfaKV_426rusd7je7LWAi3SkfB1b3n72-fRptf419rblGByKEYig8O1z8UGHtVfywB6hpiEwCcOuOtW9o-xhNf3yORU8lbKfj3iWL_gpCyt5J2zIhJB4y1AYUg3gzHr5wNee2NwdACqe6P-LtVZc9FLd-rkyjqnlCP-RfF9k9hnSdWXWIXENegi6UrBs&sai=AMfl-YS6d-dJg3Dl6sKL3UeINEGbvstb4WZNPZyV-xB66216hAlaR9AZ-Vu90_Negk9l_w4upWHZ9BdF5x7wEFCcT10YpQ-ybENd6rt7x7oOmBaJCfuzphwHwnn-EA-H6-Mg&sig=Cg0ArKJSzHDZtcdYo4EBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Apr 2022 13:26:35 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Sun, 24 Apr 2022 13:26:35 GMT
GET H2	200	localstore.js Show response script.4dex.io/ Frame 4DD2	483 B 939 B	31ms 15ms	Script application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1118845 x-amz-request-id tx0c810f9b689a43feb0d6c-0062543d8e x-amz-id-2 tx0c810f9b689a43feb0d6c-0062543d8e last-modified Mon, 11 Apr 2022 14:37:55 GMT server cloudflare etag W/"922cffdd75f7192f75231d92684885aa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2NY0x7Wnrt%2FiyHkVebfV9Rhs207XYXm41EgcoCZOKRVpSzuMV%2FHJt%2BK4MJGZgopPe6nqcKD9ElOZS83WtILPt6CaBxcbBC7RDX6FD1LfB0Pqsy2D0odyXbo5sm7wzZOh701OChO3GCuASNO"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 x-amz-version-id 1649687875786561 cf-ray 700f2be84c449078-FRA
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame 4DD2	0 121 B	54ms 15ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hd.yalla-shoot.io:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://hd.yalla-shoot.io:2096 date Sun, 24 Apr 2022 13:26:35 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 4DD2	242 B 1 KB	119ms 85ms	XHR application/json	2602:803:c004:200::140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=300282&zone_id=2149088&size_id=117&rp_schain=1.0,0!projectagora.com,107313,1,,,&rf=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=9c0b7ecd-d22f-449a-b432-23ad8782109e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6897097838634405 Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash cec743a5c12a28a54af258a8ed2c2b326f740235a919fb50552f86248b00e6f9 Request headers Referer https://hd.yalla-shoot.io:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 24 Apr 2022 13:26:35 GMT Server nginx/1.21.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://hd.yalla-shoot.io:2096 Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 242 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	auction Show response tlx.3lift.com/header/ Frame 4DD2	19 B 512 B	85ms 61ms	XHR application/json	52.59.85.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fhd.yalla-shoot.io%3A2096%2FM%2F&tmax=2000 Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-85-35.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://hd.yalla-shoot.io:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 24 Apr 2022 13:26:35 GMT accept-ch sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua content-type application/json; charset=utf-8 access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/ Frame 4DD2	171 B 564 B	65ms 22ms	XHR application/json	185.86.138.124 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068 Request headers Referer https://hd.yalla-shoot.io:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 24 Apr 2022 13:26:34 GMT content-encoding br vary Accept-Encoding, Origin p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://hd.yalla-shoot.io:2096 cache-control no-cache,no-store transfer-encoding chunked access-control-allow-credentials true content-type application/json; charset=UTF-8
GET H2	200	min.js Show response cdn.kdaimo.com/projectagora-483829/ Frame 4DD2	3 KB 3 KB	43ms 8ms	Script text/plain	52.222.214.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.kdaimo.com/projectagora-483829/min.js Requested by Host: cdn.projectagora-adtag-library.com URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-118.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers x-amz-version-id null via 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront) last-modified Wed, 06 Apr 2022 01:00:55 GMT server AmazonS3 age 73350 etag "61e4dbcc663e6d945cd8b7db1c35a1e6" x-cache Hit from cloudfront date Sat, 23 Apr 2022 17:04:06 GMT x-amz-cf-pop FRA56-P3 accept-ranges bytes content-length 2849 x-amz-cf-id gv118jbBkr8pzl3pIOQajbEd_mc2e1yTfZwHS48LKG0hqkAP1sYHBQ==
GET H2	200	adagio.js Show response script.4dex.io/ Frame 4DD2	72 KB 23 KB	53ms 38ms	Fetch application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1118675 access-control-max-age 3000 access-control-allow-methods GET x-amz-request-id tx25306878769240e38991c-0062543dea x-amz-id-2 tx25306878769240e38991c-0062543dea last-modified Mon, 11 Apr 2022 14:37:55 GMT server cloudflare etag W/"e88bab2e9c57f44732eeec31ca508d70" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSNiu48w06AYBId06EdMvoXeg2Xxeog1TBhPBB7JfH%2FsV8PlK7Auo%2F%2BH6eULG%2BXzeHveprLO3I7x8ctJ0YYeCjPznhWHByiti7I%2FnoT4vkZxTDFDPlvBloXSoV9cNUulIsFg%2B77dQEteV%2FJ4"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true x-amz-version-id 1649687874851815 cf-ray 700f2be87d1e903d-FRA access-control-allow-headers Authorization
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4DD2	42 B 64 B	81ms 48ms	Fetch image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7oykpubLHs3TvgLFGH_UlMC8qnyRGjA1bNvopha3E28XP2CtmsqacHkI7-Zid2Ike_cmv21t4TjJXOz9VbE9LPdIMuDnS7fb4zAeKNs85zqSUViib&sig=Cg0ArKJSzHL5JzKjZ6oVEAE&id=lidar2&mcvt=1000&p=168,640,268,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3015207014&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650806795328&rpt=214&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Sun, 24 Apr 2022 13:26:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	ImgSync image8.pubmatic.com/AdServer/ Frame 4DD2 Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=156400 https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUQxN0ZEQ0UtN0YyOS00NUY2LTk0QTEtNTk1RjdGRkJDRTYz&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=	0 219 B	19ms 19ms	Image text/plain	185.64.190.79
General Check archive.org Show headers Download Go to Show image Full URL https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= Protocol H2 Server 185.64.190.79 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 24 Apr 2022 13:26:37 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= date Sun, 24 Apr 2022 13:26:39 GMT cache-control no-store, no-cache, private x-lat lhrpug019:0:421 server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 4DD2 Redirect Chain https://eb2.3lift.com/sync?px=1&src=prebid& https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=	70 B 265 B	172ms 31ms	Image image/gif	52.223.40.198
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= Protocol H2 Server 52.223.40.198 -, , ASN (), Reverse DNS Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://hd.yalla-shoot.io:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Sun, 24 Apr 2022 13:26:38 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" Redirect headers location https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= date Sun, 24 Apr 2022 13:26:38 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"