www.sayellow.com Open in urlscan Pro
41.76.208.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269
Submission: On March 11 via manual (March 11th 2022, 8:54:21 am UTC) from DE — Scanned from ES

Summary HTTP 100 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 100 HTTP transactions. The main IP is 41.76.208.172, located in South Africa and belongs to Afrihost, ZA. The main domain is www.sayellow.com.
TLS certificate: Issued by R3 on December 25th 2021. Valid for: 3 months.

This is the only time www.sayellow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	41.76.208.172 41.76.208.172	37611 (Afrihost) (Afrihost)
8	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
100	24

5 41.76.208.172 (South Africa)

ASN37611 (Afrihost, ZA)
PTR: mail.sayellow.com

www.sayellow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.sayellow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sayellow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	sayellow.com www.sayellow.com cdn.sayellow.com api.sayellow.com	229 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	234 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	209 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	249 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	28 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430	37 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	28 KB
4	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	274 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	82 KB
2	gstatic.com www.gstatic.com	18 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	72 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	google.es adservice.google.es — Cisco Umbrella Rank: 37634	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
100	16

	Domain	Requested by
18	cdn.sayellow.com	www.sayellow.com cdnjs.cloudflare.com
14	static.criteo.net	ads.eu.criteo.com
8	pagead2.googlesyndication.com	www.sayellow.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	cdnjs.cloudflare.com	www.sayellow.com cdnjs.cloudflare.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.facebook.com	connect.facebook.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.sayellow.com googleads.g.doubleclick.net
4	static.xx.fbcdn.net	www.facebook.com
4	csm.eu.criteo.net	ads.eu.criteo.com
3	api.sayellow.com	cdnjs.cloudflare.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	cdnjs.cloudflare.com connect.facebook.net
2	www.gstatic.com	cdnjs.cloudflare.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.sayellow.com	cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagmanager.com	cdnjs.cloudflare.com
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	www.sayellow.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.es	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
100	24

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.linkedin.com
www.instagram.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
sayellow.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.es GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-18` - `2022-03-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269
Frame ID: 59853951A33578777DDEBECD4994F567
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: B796129A01CFB3502A07992B12A6AD94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&adk=1812271804&adf=3025194257&lmt=1646988855&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855302&bpp=7&bdt=374&idt=312&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3284035824515&frm=20&pv=2&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: 6D44AB43755CAB4D5E135D18EEB82E7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=90&slotname=8557861035&adk=1397050671&adf=324021390&pi=t.ma~as.8557861035&w=822&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=2&psa=0&format=822x90&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855719&bpp=6&bdt=791&idt=6&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=169&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9u1Xrehix1&p=https%3A//www.sayellow.com&dtd=11
Frame ID: E70F18B1D6C283FCCB6923E792227038
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=600&slotname=5953577136&adk=4257294267&adf=2293224743&pi=t.ma~as.5953577136&w=300&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855737&bpp=16&bdt=809&idt=16&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C822x90&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9sXRGAiDPj&p=https%3A//www.sayellow.com&dtd=19
Frame ID: 28FB1F6A2A23408B101A56670868E453
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CvOayNw4rYr3oL4qdmLAPvLKzgAvJntKxXNWdkfdwwI23ARABIABg1bXXAoIBF2NhLXB1Yi0yMTQyMTg2NjU2NTkyODgyoAHVttLqA8gBCakCxeJdgjx2sj6oAwGqBMsBT9DKp2cSLKcXEpDZ389r8G8VXJXRkJlAPkB8y8ZETpx38tvgfRsSsrCUnkL7f1dgm4R5SVEVGgeDgdIxRviuqL99XAe-KH0feHdPI6zPp3N29743j4pT2HLDRJ7NS7__ioPKfnyCy1VuEVR-kvmtDba-23T8vGKa65P5hX8xOlJOYGYaq429t_0uKfFI2dzDk5f2599hSWq-2Pf75h4p63bfgAeoLT8xwOcH9Sv74JLaJz-jiArWlj8F2ZKaSFh1zV8Tb1bd9eu5_JmABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTQyMTg2NjU2NTkyODgyGAA&sigh=qoTjZNZ7HCA&uach_m=[UACH]&cid=CAQSGwCNIrLMwgIrIXwTdKc5foCL2IpZDVO2ViWpRRgB
Frame ID: 47A748C21ED78F13232C7BB878528DC3
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YisONwAL9D0ABg6KAAzZPMF6kHkXqLEiH2ipfg&u=%7C%2FBn3Z%2B6bHBOu%2BbvVWdsP1QtH6ry7rpLfd1Evmzv7%2BYw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdN3k10AlcYfCnrSFHTSZa-WxJrNX70lti9izXQaAF-FvMr1VE6cuGSWeQlu8iVV4goWIS-VS8qC_i3n3xKQWCQwfcxqTnTgNEsdda1cwXWcGgwGOWYsuCmXHWeAAjeE2_FVa7f39oQouI65mHgnT6jsxqr99DXSkumkeBt0pZqSDfRPpjAFNYbgsja29lgZETqEngb9OB91OBogL7V9u7LQlEVlh-cIIaHi5idGsA-Fx8MPebqpRUsf9olPJX9LxmQiPErjI8a1NltKrAhXawYtV3y_798llJaELtQK3zntEG8AyQHDXFcgusbCGsYtATEBuIwpWoeG0Me3pHaKJfYJHHCDetgk7gVLey-Qpz-8JllDyuu_p2zN2tC8E5eqIT3ruC6vdELr9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnCubNw4rYr3oL4qdmLAPvLKzgAvJntKxXNWdkfdwwI23ARABIABg1bXXAoIBF2NhLXB1Yi0yMTQyMTg2NjU2NTkyODgyoAHVttLqA8gBCakCxeJdgjx2sj6oAwGqBM4BT9DKp2cSLKcXEpDZ389r8G8VXJXRkJlAPkB8y8ZETpx38tvgfRsSsrCUnkL7f1dgm4R5SVEVGgeDgdIxRviuqL99XAe-KH0feHdPI6zPp3N29743j4pT2HLDRJ7NS7__ioPKfnyCy1VuEVR-kvmtDba-23T8vGKa65P5hX8xOlJOYGYaq429t_0uKfFI2dzDk5f2599hSWq-2Pf75h4p63bfgAeobz0QUmCIaThEfIZ59wIFcAPCnIkP94oY_JBIa62scXrFcEE97yaU8NmABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HSE86vS_5vtikvmV0pOpu5roCvw%26client%3Dca-pub-2142186656592882%26adurl%3D
Frame ID: C8EB21B85FAADD78B6EA21DFAB19A8C7
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YisONwAMWZoKUbqNAAdoHiRxycXSfJUra6mz2A&u=%7C%2FBn3Z%2B6bHBPP%2BjH8%2FBygPa1oFmNMnGgwaR24NMRYI64%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYqJg4mIaTjGNrkClDLR8W9g8TxwOkmBv395bVLnXdmw2D9RBm8ts_g6aOps3v11Qh3JRERaiFNeVfu1Ll9_TJ4P9SJrHX-dnU2B_QE62BdwdhaLbf4Wj5KqyCJ1BOryfcusIUmwDidp2ltrt4SAxa30b_WP8QdGyCDLs8XRsU69lAexO1BHBURqoSGqQ2CPfUUKkPTWxEX1ZU4zswbuFfyhaTK2JHmqfHTp1wQwXPG2hIw3GsY-1jyL0OUWLW0gKHkSvFgwO2PMGOsbUzk8tlSGWNSnjz3ssLfjSzf-yLIGJsMcY-PZko_ZEg78DaisdRBl0kenWC5vokOBWPUkE80AcltZtfvidptSy2zFipyFgw2wKTLZurFi_f18q5BEmwmpkB09bbsi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRKlNw4rYpqzMY31xgKe0J24Dsme0rFc1Z2R93DAjbcBEAEgAGDVtdcCggEXY2EtcHViLTIxNDIxODY2NTY1OTI4ODKgAdW20uoDyAEJqQJqIU5JMnWyPqgDAaoEzwFP0Ho6LPgrO0di1QqbtmohfpuTyBh5_4gnDj0IDNoI1Z8SKUqErnnmVNmSzSSG-CmkyNqr_XEA3pWm0za040P-YC4fsz3XVlUyiIhYZ1REI_QbeKv3bzddA73TEBlx7aFYbhJWSX92PjXxLUHL3KiZjxI024rpgJSC0UTmP6QZ0edca7T6UJdtei6f3TvHGHPR9G772SIQ0239UZG6-y_hOOkk04VydccOEYT_yeYdga5vUq_zU2D4kD6-9yu8-7cKVgdy0-e8FV5N8446KCyABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3e8Y-bSUd5ykG9a9YFTlyA8BVSrQ%26client%3Dca-pub-2142186656592882%26adurl%3D
Frame ID: C449A68DEC89212DD2F0A7A692FA0CD4
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7D3F15E7F0CC36ACAD94FF10BC321C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA3904B85432AB06BAEF9A084D5251F0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffdbca69aec00c%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.facebook.com%2Fsayellowonline%2F&layout=button_count&locale=en_US&sdk=joey&size=small
Frame ID: 7D2D494B2D34EB94AF394734AD51C3C0
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/share_button.php?app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b6ab2763bf584%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.sayellow.com%2Fview%2Funited-kingdom%2Fnuxgame-in-london&layout=button&locale=en_US&sdk=joey&size=small
Frame ID: 68759F69CCBF697DCF3E94E4FAC4BB19
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NuxGame in London, United Kingdom

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

99 %
HTTPS

83 %
IPv6

16
Domains

24
Subdomains

24
IPs

4
Countries

1521 kB
Transfer

3729 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCNpw5VahshY-pU2L2Q4kZNw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nuxgame/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nuxgame/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nuxgame/

Search URL Search Domain Scan URL

URL: https://twitter.com/nuxgame_com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sayellowonline/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

100 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request @2 Show response
www.sayellow.com/ 96 KB
62 KB 1133ms
599ms Document
text/html 41.76.208.172
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.76.208.172 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

mail.sayellow.com

Software

nginx /

Resource Hash

0a9c3e2521afb149f722b2f1fdfeeb991a3d88fd319b8018464bc97b5f73d65b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9

Response headers

server: nginx
date: Fri, 11 Mar 2022 08:54:14 GMT
content-type: text/html; charset=cp1252
expires: Fri, 11 Mar 2022 09:04:13 GMT
cache-control: max-age=600
pragma: no-cache
x-frame-options: SAMEORIGIN
content-encoding: gzip

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.0/css/ 159 KB
17 KB 112ms
41ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.0/css/bootstrap.min.css

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15468882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17426
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 17:35:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "610acfe0-4412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ba7YUNxqM1%2FhyHgEQWDAyX4uA4F4KMXqV0BkVO3sAyTG9nQpd10LutnEeLNSLO8K8tm4bMcHgwpYROkkxfI8un5sH0imq8PluDHigk79G%2FtCefkwOA4sRPl6Cd4AdIPPH3a1whOP1qzwoaRZaV09IeBv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea31077ffb514f5-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 111ms
40ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 811679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hx7dH4%2Ftcgf8xuJdFFiz10JEF%2F6ee6Rvc8I7pPcY3ZDc%2FVE4vGoegMWzQI4pqucIZjfCU%2FwP8i5wTFgSb9iIxYzbPc8flev9oXxlyhTRgnuGH1lB5wlUWqiJFGUVm%2FSSNrzMgOKACDXTqwVDVj8BQhy9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea31077ffb614f5-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H2 200 css32.css
cdn.sayellow.com/assets/ 9 KB
3 KB 132ms
44ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sayellow.com/assets/css32.css

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e1f4dd587492a7f09412549059b24bf2922a978e0a608822a80a08c22b8e49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769747
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 11:34:15 GMT
server: cloudflare
etag: W/"61adf537-239f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L70z5Qf06FIrvm%2ByHgDnLPhcfkdS67hTT1yEkCC8tFkiM74wJDUKUpvx%2BFIzYxdvtsxY9a77tdygY1xkWxBL2gEwAKs76Bky2Y3rcMCfxXCMktMgr%2BQLmUYy2lZZBJmb2aJLvIqAl6Mf5KKL9feu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6ea310781f1a66a7-MAD
expires: Fri, 01 Apr 2022 11:05:08 GMT

GET
H2 200 JS22.css
cdn.sayellow.com/assets/ 16 KB
4 KB 771ms
684ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sayellow.com/assets/JS22.css

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1252846f2387e2c124a4cacda5d2218e429e98610d8ef65ba51d7e1e3b60f55f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 11:34:15 GMT
server: cloudflare
etag: W/"61adf537-412c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVpEGhrHZ%2BCFXc4Cz%2F4TIcHM%2Bb39uG3AkGNlIrB4JQr18sVTzdiI8pQvTrsIPKohyBicXA0cvxUFJ3mIk2z9na9lX4TAfwohMpOEW6MmyOlENJqf9tBNFJZkB20uFghKirCWD%2BBdHRkZ4fAscnEy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6ea310781f1b66a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 239ms
86ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2142186656592882

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

759895c717b9045c556a913ef76cd1615f2447fbb16a1a63ed8356b3c723432d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sayellow.com/
Origin: https://www.sayellow.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53810
x-xss-protection: 0
server: cafe
etag: 6746969413395725486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 08:54:15 GMT

GET
H2 200 Logo.png
cdn.sayellow.com/Images/ 20 KB
21 KB 1215ms
1129ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Logo.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a1d0f8f03083a4e655d0af41e300d521eeb7a05bc3e94cc28ca18f6deeca526

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20551
last-modified: Sun, 18 Jul 2021 12:02:15 GMT
server: cloudflare
etag: "60f41847-5047"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9TY6GJN%2FdHw1XSeUcF7tLfVc8HL6Y%2F2Zc%2FYedf592PU9nyjIpbp%2FdKX2Kv4%2FahRC83LQdHfU9kgYbpO0k3%2FZ5Gwz4PNrAYRUe2Fv5S4tv7dPA6TC6I6ptQK5KEd6jUFtbC0VzIKjQjtAb%2Fkzu7p"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310781f1e66a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 Ico64Draw.png
cdn.sayellow.com/Images/Icons/ 841 B
1 KB 1084ms
998ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Draw.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60d8fe3b7f97d06cb2925de5a619810b6491e3420083642e07eb0c3d0cd4341

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 841
last-modified: Fri, 16 Jul 2021 10:40:40 GMT
server: cloudflare
etag: "60f16228-349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aL8KwGytlmQQE9pOWhAfQx1h102%2F2GKR%2Fn9y5SVEuI56GWZaJWE8z13%2BtOfi%2Bw1kcjg%2BI%2Fy56DdLtuECMgxH3b0V1WJYC7QzLrZ8ueCxYFZ0A%2F2K4%2Fu6d2qqYppNUcxqL6kLPFEmQl9CpBCBqInT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310781f2066a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 Ico64Bookmark.png
cdn.sayellow.com/Images/Icons/ 696 B
1 KB 827ms
741ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Bookmark.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20428bf5984b326d03ad0d0e2dca1ae48b222bea8beef306b7a9cdaa74cf0229

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 696
last-modified: Fri, 16 Jul 2021 10:48:56 GMT
server: cloudflare
etag: "60f16418-2b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz4kFhQ4n3GKozuk7yKYlO%2BziG0kesMrViX2XeYtsFa25NJr4Rq0oMVVMIpz0nX8KzuAnoKXTnuwrcowXQStVGgpWnFu2kI2z9JYIzHEPFmxHgCcAD7X478YOzyII%2Bq8VGXNrEi%2F0D3BiKe0j861"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310781f2266a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 Ico64Magnify.png
cdn.sayellow.com/Images/Icons/ 2 KB
2 KB 907ms
821ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Magnify.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1036732ef3e1a33a7d3d6a965d2cc08d8785d63f294a4adbec724f05f94e0f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1694
last-modified: Fri, 16 Jul 2021 10:42:00 GMT
server: cloudflare
etag: "60f16278-69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9fOpOUWg7iLQU3FFnvlRbY60NWpMu4i3sdKohppSQOiuCzdhcmdoOTWXS%2FMSUPbdRwH90IVOpjyg%2BFdur1jKz6RP9bzYIPvn%2F%2BTuZ977gCiNGkDIwGnxmVaD%2Bb%2BIbOKHxIRiepJKz7GId1kYFGA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310781f2466a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 Ico64Key.png
cdn.sayellow.com/Images/Icons/ 2 KB
3 KB 788ms
787ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Key.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98305c2c9462edee6cf3003e278fa46362cc743dd1a41c3cc35a99a89320320f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2289
last-modified: Fri, 16 Jul 2021 10:42:13 GMT
server: cloudflare
etag: "60f16285-8f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoVMWtt1GaUrl5tlpl7qmk%2FSL3K%2FqmsbFeQo3nFMksHO9NRl4nKnm2s6ay2dxWJ8uq0URn4tWytvw8okH2jXA1NoUgqgSdoQYODUZHUwC5%2B4bRvPsXyfAvDllqoQXRQQ0Jr9D6mWI9ZfJzArMRXs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310783f6666a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 324255.png
cdn.sayellow.com/MyProfile/cFavIcons/ 1 KB
2 KB 1080ms
1079ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/MyProfile/cFavIcons/324255.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56293de82b750881b0122725ad7cdb69ffc88653f85d4f1dedf75ee8dbde9bb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1470
last-modified: Mon, 28 Feb 2022 08:25:05 GMT
server: cloudflare
etag: "621c86e1-5be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvBOukT4wyIGUZZr6C9IqoqmMpRXUh6vDrlD%2FKlqz%2BFdm9fwWMMTSTYyJh9UX6yuxvqHlXgfWnogRkXv5V4S2cDt5bOKoEE1h5EipAW6MOojyhoj35kt8TcJazqu6m9yVefAyz6ovR8VMNoqJssb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310783f6866a7-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 169ms
87ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142186656592882&plah=www.sayellow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2142186656592882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f14d36c75db0dce3488fa4897d925ba6784658fff04cdbaa1be2ffb359d7f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107538
x-xss-protection: 0
server: cafe
etag: 13728523870531860664
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 08:54:15 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 76ms
39ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.sayellow.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 140287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnGc%2Fl18bnQOCRYqcLXQGzAaNR0JsVS7UGjRckm7ivXu%2BYXATHEsxJ1ejSBx%2FUKhklpCV9pC%2Funbyn52c7KQwtFJ3Bu0Qik6Jzyd5rf3VzR%2BUujsk6KnMssoTC5aw7y1OEt6iOH42c47j9kpkbpC1nKf"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea3107a084066a1-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 143ms
107ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.sayellow.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2547061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-33a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kvxgutaSsxQXGC0PKc42ly03NNTYjC%2B0NHAZ5XtEreNl8F4CsSU4OGyGqURVpAEBFi36kcUB1rqREpXvsrD9web2OXsnxW7TJJqqaNSBBaagOd9W7WPNYFCqulRyL%2B6pDrB9ZRmq0F1Q4uKYwMr%2FO8Z"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea3107a083a66a1-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 109ms
73ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.sayellow.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-12bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKLdtiKd%2FAw9vdOZTD8DViehdYzELsjEAfPtDouacpWrmi4CUYb163MNR9FT5jgwYKP9ynsKVRfJNiNwR3A8%2BG50ou37md99MjPRXXio55pe2zFeQwDNvLOEqhHCu9PPYy%2BmSVTiMc0XIQ%2FgGV%2FLVl1S"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea3107a083e66a1-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame B796 10 KB
5 KB 200ms
64ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2142186656592882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 11 Mar 2022 00:08:55 GMT
expires: Fri, 25 Mar 2022 00:08:55 GMT
cache-control: public, max-age=1209600
age: 31520
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 339922.jpg
cdn.sayellow.com/MyProfile/cFavIcons/ 467 B
1 KB 789ms
744ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/MyProfile/cFavIcons/339922.jpg

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0daf718b642d3e681c61a8df1bd71c26612fb09cdbdd6a23166c581f43bd56

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 467
last-modified: Mon, 28 Feb 2022 05:03:38 GMT
server: cloudflare
etag: "621c57aa-1d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9t%2BWAZGN8ZGpjmXARj4zWAYN%2FKWZW%2BANNaX%2FKD0c8o9Yhd17CrlfF1xUCdyboUvG0mCrRQowxI8O77vZ0enrirp5WwqBjs1bZwbYw1ZPGrpXOS4fPShngbjl6y4CmSC2Jh295Qm3r9qGq0fg5j7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea3107a998466a1-MAD
expires: Sun, 10 Apr 2022 08:54:16 GMT

GET
H3 200 337011.png
cdn.sayellow.com/MyProfile/cFavIcons/ 2 KB
3 KB 786ms
742ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/MyProfile/cFavIcons/337011.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb32d0fa63433d583fc0b802d3eada3f67d6d29ddd02eab9bf1d3ab21faf0bea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2547
last-modified: Fri, 11 Mar 2022 07:57:43 GMT
server: cloudflare
etag: "622b00f7-9f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1v%2BdkR4kRlsiVg%2Bg0UVllTaWjipiybzl7xN20i0HKB%2FEzkIaNtbMO5JkJUPSa4f%2Ffno2oqeUpYecHf9ioG0DDcNq%2BszUGj45ugeDhq1nMxez%2BgUnYpTzi3c5XLx%2B4lwzU3Ah77ooVwuyYNl%2FsE9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea3107a997e66a1-MAD
expires: Sun, 10 Apr 2022 08:54:16 GMT

GET
H3 200 340916.png
cdn.sayellow.com/MyProfile/cFavIcons/ 2 KB
2 KB 978ms
934ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/MyProfile/cFavIcons/340916.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3beaadc9f27de2005c133f569e039621f7a9121b512a2ec4009e5f1e6eb3a98e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1742
last-modified: Sat, 26 Feb 2022 06:16:37 GMT
server: cloudflare
etag: "6219c5c5-6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRXkdsert9J6%2Fg0b4A3egAXAq%2F9umgmDM%2FHIkbjn96KS%2F19pNfEjuVtaHTE3JPy%2Bu8yMeP4edWrtP%2FsTs5gulELMSXpSZHgLaO7G9lhlJc%2FHDqT8VBmjLBBlm31d9C2OtRIOL%2FuP95vJq9p6FfhU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea3107a998066a1-MAD
expires: Sun, 10 Apr 2022 08:54:16 GMT

GET
H3 200 338830.png
cdn.sayellow.com/MyProfile/cFavIcons/ 73 KB
74 KB 1181ms
1138ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/MyProfile/cFavIcons/338830.png

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ad37378107b7c390cd8d9fa4fd1a51a28361f13849dd521aaf82615df1cba6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74931
last-modified: Mon, 14 Feb 2022 23:14:34 GMT
server: cloudflare
etag: "620ae25a-124b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dskdnN3lt%2Ft88jw8zctzQuOBJni4hOcvFV6YKhaEg4KCyPyNHru9K4Lax31J%2F4%2FajKrz8WdQ3MzSzjV0WF1P7rsUCi2qeSKIL6Ontx7vJ2qbp1rrTPIqg8tNF3sv%2BdwodMU5Er0clCW8DAFASllO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea3107a998266a1-MAD
expires: Sun, 10 Apr 2022 08:54:16 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 75ms
39ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1863188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WW9AtTwmBnseCgi0IV7mqdGRYHMOeq9WUFVqhEkIVLnwAlT7jdkOpEUREpP2Jp6EYoVZfH1W88de2dvOILs%2BArZ0FXiU3Z5D78NuLtqryuF9wKMoEX5y8vYj2ke6Leel6Bsv%2ByNcklDGbnf3YaLYmztD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea3107a8d088675-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.0/js/ 77 KB
20 KB 108ms
72ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.0/js/bootstrap.bundle.min.js

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1146798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19991
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 17:35:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "610acfe0-4e17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4gHtbiFTcDT3mhnuNoeeazB6sIFHy3t%2BDOMrNiukVIhTaXFmT%2BAPEiK4CYYuk%2B%2F5xic6%2FmRwCsLcMqWoziMcNWREvjUeRKmmav1a0HvHutd9dN5tT%2BW4XfY1I3tuPhegU5goZvjWOS%2Bn7sdbFvat2uJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea3107a8d098675-MAD
expires: Wed, 01 Mar 2023 08:54:15 GMT

GET
H3 200 js48.js Show response
cdn.sayellow.com/assets/ 60 KB
19 KB 1367ms
1325ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sayellow.com/assets/js48.js

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d31ac26a20de27941ed9a8ec292ec36bb9f2a36168b8ebaab36192e02e8fa1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 11:34:57 GMT
server: cloudflare
etag: W/"61adf561-f000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zx40CELv8a60SBYQquW00XOjbEj2gI05rb77PJ52pQVc%2FVq%2FKyvNIHqqlJU%2FAPXfikX6jiB5GFy9EZd0X0Mjbnk7Q3onE44hHvxGuEyFSk0eIRD2ruTd%2BUHPky4KXymNzrLPQOG%2B8RzkER1PqNu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 6ea3107a997c66a1-MAD
expires: Sun, 10 Apr 2022 08:54:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
647 B 192ms
69ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sayellow.com&callback=_gfp_s_&client=ca-pub-2142186656592882

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142186656592882&plah=www.sayellow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5b760c7ff61cd2dfc505fd870330c1e75dcb81cefaaacf356ee435e524d2af7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
792 B 227ms
69ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=www.sayellow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 226ms
69ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sayellow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 08:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D44 8 KB
4 KB 286ms
216ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&adk=1812271804&adf=3025194257&lmt=1646988855&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855302&bpp=7&bdt=374&idt=312&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3284035824515&frm=20&pv=2&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b9c343a3cf8e7df5dec9c7c8ddba11c7847860610da6162de906d4323b2945d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Mar 2022 08:54:15 GMT
server: cafe
content-length: 3894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 08:54:15 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E70F 28 KB
10 KB 231ms
230ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=90&slotname=8557861035&adk=1397050671&adf=324021390&pi=t.ma~as.8557861035&w=822&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=2&psa=0&format=822x90&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855719&bpp=6&bdt=791&idt=6&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=169&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9u1Xrehix1&p=https%3A//www.sayellow.com&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe79616a8792593bc042e4c65781214b8637f4b84e81369e6357d7104b2d846e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Mar 2022 08:54:15 GMT
server: cafe
content-length: 10193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 08:54:15 GMT
cache-control: private

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88ced1249878f864e2d5db4ab848b9f9537343df4db091aaa31cf9a29d40b61a

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8969de24e4f2a812e4fb43762afb881ef0822affc075646fb08111797d2422ad

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28FB 22 KB
9 KB 238ms
238ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=600&slotname=5953577136&adk=4257294267&adf=2293224743&pi=t.ma~as.5953577136&w=300&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855737&bpp=16&bdt=809&idt=16&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C822x90&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9sXRGAiDPj&p=https%3A//www.sayellow.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f260098777334e6b71b1c9a095566f037bbdb0144b1b68821dd3c2f3a252bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Mar 2022 08:54:15 GMT
server: cafe
content-length: 9557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 08:54:15 GMT
cache-control: private

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47A7 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvOayNw4rYr3oL4qdmLAPvLKzgAvJntKxXNWdkfdwwI23ARABIABg1bXXAoIBF2NhLXB1Yi0yMTQyMTg2NjU2NTkyODgyoAHVttLqA8gBCakCxeJdgjx2sj6oAwGqBMsBT9DKp2cSLKcXEpDZ389r8G8VXJXRkJlAPkB8y8ZETpx38tvgfRsSsrCUnkL7f1dgm4R5SVEVGgeDgdIxRviuqL99XAe-KH0feHdPI6zPp3N29743j4pT2HLDRJ7NS7__ioPKfnyCy1VuEVR-kvmtDba-23T8vGKa65P5hX8xOlJOYGYaq429t_0uKfFI2dzDk5f2599hSWq-2Pf75h4p63bfgAeoLT8xwOcH9Sv74JLaJz-jiArWlj8F2ZKaSFh1zV8Tb1bd9eu5_JmABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTQyMTg2NjU2NTkyODgyGAA&sigh=qoTjZNZ7HCA&uach_m=[UACH]&cid=CAQSGwCNIrLMwgIrIXwTdKc5foCL2IpZDVO2ViWpRRgB

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=90&slotname=8557861035&adk=1397050671&adf=324021390&pi=t.ma~as.8557861035&w=822&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=2&psa=0&format=822x90&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855719&bpp=6&bdt=791&idt=6&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=169&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9u1Xrehix1&p=https%3A//www.sayellow.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Mar 2022 08:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 47A7 0
0 199ms
65ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKjGEvqBMNgFWp2DYgICAAAAj43ec98KPc8QNw4rYjC_TJWrAiPGDk1rABI&wp=YisONwAL9D0ABg6KAAzZPMF6kHkXqLEiH2ipfg

Requested by

Host: www.sayellow.com
URL: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 316823
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C8EB 46 KB
18 KB 199ms
67ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YisONwAL9D0ABg6KAAzZPMF6kHkXqLEiH2ipfg&u=%7C%2FBn3Z%2B6bHBOu%2BbvVWdsP1QtH6ry7rpLfd1Evmzv7%2BYw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdN3k10AlcYfCnrSFHTSZa-WxJrNX70lti9izXQaAF-FvMr1VE6cuGSWeQlu8iVV4goWIS-VS8qC_i3n3xKQWCQwfcxqTnTgNEsdda1cwXWcGgwGOWYsuCmXHWeAAjeE2_FVa7f39oQouI65mHgnT6jsxqr99DXSkumkeBt0pZqSDfRPpjAFNYbgsja29lgZETqEngb9OB91OBogL7V9u7LQlEVlh-cIIaHi5idGsA-Fx8MPebqpRUsf9olPJX9LxmQiPErjI8a1NltKrAhXawYtV3y_798llJaELtQK3zntEG8AyQHDXFcgusbCGsYtATEBuIwpWoeG0Me3pHaKJfYJHHCDetgk7gVLey-Qpz-8JllDyuu_p2zN2tC8E5eqIT3ruC6vdELr9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnCubNw4rYr3oL4qdmLAPvLKzgAvJntKxXNWdkfdwwI23ARABIABg1bXXAoIBF2NhLXB1Yi0yMTQyMTg2NjU2NTkyODgyoAHVttLqA8gBCakCxeJdgjx2sj6oAwGqBM4BT9DKp2cSLKcXEpDZ389r8G8VXJXRkJlAPkB8y8ZETpx38tvgfRsSsrCUnkL7f1dgm4R5SVEVGgeDgdIxRviuqL99XAe-KH0feHdPI6zPp3N29743j4pT2HLDRJ7NS7__ioPKfnyCy1VuEVR-kvmtDba-23T8vGKa65P5hX8xOlJOYGYaq429t_0uKfFI2dzDk5f2599hSWq-2Pf75h4p63bfgAeobz0QUmCIaThEfIZ59wIFcAPCnIkP94oY_JBIa62scXrFcEE97yaU8NmABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HSE86vS_5vtikvmV0pOpu5roCvw%26client%3Dca-pub-2142186656592882%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=90&slotname=8557861035&adk=1397050671&adf=324021390&pi=t.ma~as.8557861035&w=822&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=2&psa=0&format=822x90&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855719&bpp=6&bdt=791&idt=6&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=169&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9u1Xrehix1&p=https%3A//www.sayellow.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0ca4b7abcae4e7fbf7d7b5db82f2c696c6488f7dee2140832cb5b8005244d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CrZ5KvIULiMajHG2aKm9zvZtoiVzftew9iHkpabLOP_laFX1bTyHKCQISMFaQg4059jcE1oCNx9q31bwjYmqKRNJhKKbIe0VWLkbwo9jNzF1TL7vPW6pqK1VR2vXNzko1GveQ2yWPnKzQszkDhIE1BuKDDaKJ-2BhBAPCLySrCw4v0e0fmMo3sGtYjpx8zLeCxqW5rNre9tSf43zjWgPJjZixxtGsRzQdRmLC5P2l-iVAZPeXBj_EhwCBLnjZ0kIt-gonA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 4041967
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 47A7 2 KB
1 KB 213ms
76ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 08:49:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47A7 117 KB
36 KB 217ms
84ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 47A7 15 KB
7 KB 199ms
63ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 08:52:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28FB 0
0 89ms
89ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxYJaNw4rYpqzMY31xgKe0J24Dsme0rFc1Z2R93DAjbcBEAEgAGDVtdcCggEXY2EtcHViLTIxNDIxODY2NTY1OTI4ODKgAdW20uoDyAEJqQJqIU5JMnWyPqgDAaoEzAFP0Ho6LPgrO0di1QqbtmohfpuTyBh5_4gnDj0IDNoI1Z8SKUqErnnmVNmSzSSG-CmkyNqr_XEA3pWm0za040P-YC4fsz3XVlUyiIhYZ1REI_QbeKv3bzddA73TEBlx7aFYbhJWSX92PjXxLUHL3KiZjxI024rpgJSC0UTmP6QZ0edca7T6UJdtei6f3TvHGHPR9G772SIQ0239UZG6-y_hOOkk04VyN8UvgwNwVfWiHbrMgpJVq2nsmoi02TM-T3838PXNzcukkPTJ4DGABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTQyMTg2NjU2NTkyODgyGAA&sigh=9KANLXiML1Q&uach_m=[UACH]&cid=CAQSGwCNIrLMdHQIIEkQZo3bzaywfDlrUl8x4GEaqxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=600&slotname=5953577136&adk=4257294267&adf=2293224743&pi=t.ma~as.5953577136&w=300&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855737&bpp=16&bdt=809&idt=16&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C822x90&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9sXRGAiDPj&p=https%3A//www.sayellow.com&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142186656592882&output=html&h=600&slotname=5953577136&adk=4257294267&adf=2293224743&pi=t.ma~as.5953577136&w=300&fwrn=4&fwrnh=100&lmt=1646988855&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646988855737&bpp=16&bdt=809&idt=16&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C822x90&nras=1&correlator=3284035824515&frm=20&pv=1&ga_vid=1038817136.1646988856&ga_sid=1646988856&ga_hid=1506153361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065371%2C31065469%2C44760495%2C31065515&oid=2&pvsid=2918443918480664&pem=581&tmod=36816939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9sXRGAiDPj&p=https%3A//www.sayellow.com&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Mar 2022 08:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 28FB 0
0 159ms
52ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UKjGEv2BMKwC2ASdg2ICAgAAAIBW5WOSZro9EDcOK2JWl61XxgUwx_WKqAAS&wp=YisONwAMWZoKUbqNAAdoHiRxycXSfJUra6mz2A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 297062
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C449 47 KB
18 KB 236ms
130ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YisONwAMWZoKUbqNAAdoHiRxycXSfJUra6mz2A&u=%7C%2FBn3Z%2B6bHBPP%2BjH8%2FBygPa1oFmNMnGgwaR24NMRYI64%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYqJg4mIaTjGNrkClDLR8W9g8TxwOkmBv395bVLnXdmw2D9RBm8ts_g6aOps3v11Qh3JRERaiFNeVfu1Ll9_TJ4P9SJrHX-dnU2B_QE62BdwdhaLbf4Wj5KqyCJ1BOryfcusIUmwDidp2ltrt4SAxa30b_WP8QdGyCDLs8XRsU69lAexO1BHBURqoSGqQ2CPfUUKkPTWxEX1ZU4zswbuFfyhaTK2JHmqfHTp1wQwXPG2hIw3GsY-1jyL0OUWLW0gKHkSvFgwO2PMGOsbUzk8tlSGWNSnjz3ssLfjSzf-yLIGJsMcY-PZko_ZEg78DaisdRBl0kenWC5vokOBWPUkE80AcltZtfvidptSy2zFipyFgw2wKTLZurFi_f18q5BEmwmpkB09bbsi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRKlNw4rYpqzMY31xgKe0J24Dsme0rFc1Z2R93DAjbcBEAEgAGDVtdcCggEXY2EtcHViLTIxNDIxODY2NTY1OTI4ODKgAdW20uoDyAEJqQJqIU5JMnWyPqgDAaoEzwFP0Ho6LPgrO0di1QqbtmohfpuTyBh5_4gnDj0IDNoI1Z8SKUqErnnmVNmSzSSG-CmkyNqr_XEA3pWm0za040P-YC4fsz3XVlUyiIhYZ1REI_QbeKv3bzddA73TEBlx7aFYbhJWSX92PjXxLUHL3KiZjxI024rpgJSC0UTmP6QZ0edca7T6UJdtei6f3TvHGHPR9G772SIQ0239UZG6-y_hOOkk04VydccOEYT_yeYdga5vUq_zU2D4kD6-9yu8-7cKVgdy0-e8FV5N8446KCyABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3e8Y-bSUd5ykG9a9YFTlyA8BVSrQ%26client%3Dca-pub-2142186656592882%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

390629019af7e11b887178e1ca4a0e9f855a4a324bf0a44ba2784343ecb5ac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 11 Mar 2022 08:54:15 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Hyb5ffIULiMajHG2p8LzgIe48ltmCpJaSHtd9WJ3EW1gizLSMyJWCESV8purmqD9udwyqfjq9D5Yc8Ru4m2whqJzb6nitBecuZrIcIp3CGT734LuqH5HxtMtMZp2QaRKkWBUlru109V7cjTvezq0R2fe6xgQfxka729d49wH4ZRLTeFGD-zURs2QpTB6PTdbSoGcDRd0OFz_5XOo_AMvZtPArvXlTRZBVVbu0Ht_R7Vy4Rzt6h98bxl15jjP7SLXvgaSmQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 6083599
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 28FB 2 KB
1 KB 186ms
75ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 08:49:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28FB 117 KB
36 KB 261ms
155ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 28FB 15 KB
6 KB 175ms
66ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 08:52:56 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C8EB 2 KB
1 KB 444ms
313ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YisONwAL9D0ABg6KAAzZPMF6kHkXqLEiH2ipfg&u=%7C%2FBn3Z%2B6bHBOu%2BbvVWdsP1QtH6ry7rpLfd1Evmzv7%2BYw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdN3k10AlcYfCnrSFHTSZa-WxJrNX70lti9izXQaAF-FvMr1VE6cuGSWeQlu8iVV4goWIS-VS8qC_i3n3xKQWCQwfcxqTnTgNEsdda1cwXWcGgwGOWYsuCmXHWeAAjeE2_FVa7f39oQouI65mHgnT6jsxqr99DXSkumkeBt0pZqSDfRPpjAFNYbgsja29lgZETqEngb9OB91OBogL7V9u7LQlEVlh-cIIaHi5idGsA-Fx8MPebqpRUsf9olPJX9LxmQiPErjI8a1NltKrAhXawYtV3y_798llJaELtQK3zntEG8AyQHDXFcgusbCGsYtATEBuIwpWoeG0Me3pHaKJfYJHHCDetgk7gVLey-Qpz-8JllDyuu_p2zN2tC8E5eqIT3ruC6vdELr9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnCubNw4rYr3oL4qdmLAPvLKzgAvJntKxXNWdkfdwwI23ARABIABg1bXXAoIBF2NhLXB1Yi0yMTQyMTg2NjU2NTkyODgyoAHVttLqA8gBCakCxeJdgjx2sj6oAwGqBM4BT9DKp2cSLKcXEpDZ389r8G8VXJXRkJlAPkB8y8ZETpx38tvgfRsSsrCUnkL7f1dgm4R5SVEVGgeDgdIxRviuqL99XAe-KH0feHdPI6zPp3N29743j4pT2HLDRJ7NS7__ioPKfnyCy1VuEVR-kvmtDba-23T8vGKa65P5hX8xOlJOYGYaq429t_0uKfFI2dzDk5f2599hSWq-2Pf75h4p63bfgAeobz0QUmCIaThEfIZ59wIFcAPCnIkP94oY_JBIa62scXrFcEE97yaU8NmABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0HSE86vS_5vtikvmV0pOpu5roCvw%26client%3Dca-pub-2142186656592882%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 adchoices_es.svg
static.criteo.net/flash/icon/ Frame C8EB 2 KB
1 KB 444ms
313ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_es.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a07902e74b2cf6e351af72ff845510189fc55f5579616debbb00d93f753ef090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-765"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C8EB 308 B
636 B 194ms
63ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C8EB 507 B
835 B 443ms
312ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C8EB 43 B
347 B 200ms
67ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=HYIJy83EaV1BfKSPYEHZa8KLNpmhTisdLmRVjwNeHrCdLwqx4xn1WgyOx8pCVdEBqkIAB_2Rg3U-eLT-jQnh6yZOCn_LfID2LASarVCqBhB1C30qabwAjWA7CiMiqN8bhVDQIJGTXeWzQdvtgUYlGuATB_7qI0edRZNE8OP8V3wRlicZtZBezRGeJpEmUexsTFJq3Z2gZcqDfVUCDGgzHW06nh4ySCtIpKYP6NNFhixfC6KjknxA3a6p89R767Sz0PIzxmBsOqXudePxr6nUxe_mWbhhafjqYPv5RUCkUDD3l0DESioY3PXoUdIHFH1vAtwNhf1qvME5FNG3KwoJCl6UP4Ikj49AT5-3hq1s6euqDW7-RgKt6R6ovLwnlqpJbOfH89zic4NTUSqbisRtqGg40NUMXjP2kvcyOAH5Yh449gDdwBFUAFkcEv3dZd69fsd2cA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:15 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3325422
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 a8db0a5112e34732983cfe5862ee0e59_es_banners-728x90-px.jpg
static.criteo.net/design/dt/93579/220228/ Frame C8EB 67 KB
68 KB 256ms
126ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/93579/220228/a8db0a5112e34732983cfe5862ee0e59_es_banners-728x90-px.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

948b0bb738a367e77f60a18fb3e6c1d310f75df4e8b16fe91e1bd1dd15130076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
last-modified: Mon, 28 Feb 2022 10:06:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "621c9eba-10d45"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 68933
expires: Mon, 06 Mar 2023 08:54:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C8EB 0
127 B 198ms
70ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=CrZ5KvIULiMajHG2aKm9zvZtoiVzftew9iHkpabLOP_laFX1bTyHKCQISMFaQg4059jcE1oCNx9q31bwjYmqKRNJhKKbIe0VWLkbwo9jNzF1TL7vPW6pqK1VR2vXNzko1GveQ2yWPnKzQszkDhIE1BuKDDaKJ-2BhBAPCLySrCw4v0e0fmMo3sGtYjpx8zLeCxqW5rNre9tSf43zjWgPJjZixxtGsRzQdRmLC5P2l-iVAZPeXBj_EhwCBLnjZ0kIt-gonA&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 08:54:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C8EB 2 KB
1 KB 460ms
341ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C8EB 2 KB
1 KB 284ms
284ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C449 2 KB
1 KB 175ms
64ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YisONwAMWZoKUbqNAAdoHiRxycXSfJUra6mz2A&u=%7C%2FBn3Z%2B6bHBPP%2BjH8%2FBygPa1oFmNMnGgwaR24NMRYI64%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYqJg4mIaTjGNrkClDLR8W9g8TxwOkmBv395bVLnXdmw2D9RBm8ts_g6aOps3v11Qh3JRERaiFNeVfu1Ll9_TJ4P9SJrHX-dnU2B_QE62BdwdhaLbf4Wj5KqyCJ1BOryfcusIUmwDidp2ltrt4SAxa30b_WP8QdGyCDLs8XRsU69lAexO1BHBURqoSGqQ2CPfUUKkPTWxEX1ZU4zswbuFfyhaTK2JHmqfHTp1wQwXPG2hIw3GsY-1jyL0OUWLW0gKHkSvFgwO2PMGOsbUzk8tlSGWNSnjz3ssLfjSzf-yLIGJsMcY-PZko_ZEg78DaisdRBl0kenWC5vokOBWPUkE80AcltZtfvidptSy2zFipyFgw2wKTLZurFi_f18q5BEmwmpkB09bbsi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRKlNw4rYpqzMY31xgKe0J24Dsme0rFc1Z2R93DAjbcBEAEgAGDVtdcCggEXY2EtcHViLTIxNDIxODY2NTY1OTI4ODKgAdW20uoDyAEJqQJqIU5JMnWyPqgDAaoEzwFP0Ho6LPgrO0di1QqbtmohfpuTyBh5_4gnDj0IDNoI1Z8SKUqErnnmVNmSzSSG-CmkyNqr_XEA3pWm0za040P-YC4fsz3XVlUyiIhYZ1REI_QbeKv3bzddA73TEBlx7aFYbhJWSX92PjXxLUHL3KiZjxI024rpgJSC0UTmP6QZ0edca7T6UJdtei6f3TvHGHPR9G772SIQ0239UZG6-y_hOOkk04VydccOEYT_yeYdga5vUq_zU2D4kD6-9yu8-7cKVgdy0-e8FV5N8446KCyABvqo5YLpivSJxQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3e8Y-bSUd5ykG9a9YFTlyA8BVSrQ%26client%3Dca-pub-2142186656592882%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 adchoices_es.svg
static.criteo.net/flash/icon/ Frame C449 2 KB
1 KB 452ms
341ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_es.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a07902e74b2cf6e351af72ff845510189fc55f5579616debbb00d93f753ef090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-765"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C449 308 B
636 B 351ms
241ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C449 507 B
835 B 459ms
349ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C449 43 B
348 B 179ms
66ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=aUwOEvFvcseE69sh5yF4__qoNCkM-zULPLjkgQcTtpshAO3UwhFHA9PpOZvLWpvLyXjzGknDOXzOfpXHSuY7dPz_I9f1dK3515fU6TY-gPegTyj3QFMVTBadG-LgT8tUdGqCrZW_64F6TEl2v7JVnEZcJLqGunivaGcE2JHgqwROSjQ3GHXqXODJsB7SK3a1ZNchoE6Nqf-zqEMzYFRKceaelA6CrNpFRKv5JZ6WmsbSM2uChLoY8bQykbrTvd8BPgrrlVJtdbaOcviLrJUsipHUOp71FyVzjjE_KvUhAiV1PhT9piVsYTfiKhvGy3TjkNFopDBiKVd7-yyNFy9kWSZvCWA6SUOijlVwQyAnEWKk6QmMNh3yAmYTUdruHNibSI9HRLz2_nSR0I3TVgnZOLHhPkEMFocdngs1Z0qkdvnTweUnZjwvUZ0Cxl_2R5WExkYugA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:15 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2561679
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 0d30606332c44e6786b33089b8e56a4e_es_banners-300x600-px.jpg
static.criteo.net/design/dt/93579/220228/ Frame C449 152 KB
153 KB 351ms
241ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/93579/220228/0d30606332c44e6786b33089b8e56a4e_es_banners-300x600-px.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3e9114f32d25ac28d1211c2e711252ee6229341309338692c931a0a20d829ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
last-modified: Mon, 28 Feb 2022 10:06:44 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "621c9eb4-260ed"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 155885
expires: Mon, 06 Mar 2023 08:54:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C449 0
127 B 183ms
70ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Hyb5ffIULiMajHG2p8LzgIe48ltmCpJaSHtd9WJ3EW1gizLSMyJWCESV8purmqD9udwyqfjq9D5Yc8Ru4m2whqJzb6nitBecuZrIcIp3CGT734LuqH5HxtMtMZp2QaRKkWBUlru109V7cjTvezq0R2fe6xgQfxka729d49wH4ZRLTeFGD-zURs2QpTB6PTdbSoGcDRd0OFz_5XOo_AMvZtPArvXlTRZBVVbu0Ht_R7Vy4Rzt6h98bxl15jjP7SLXvgaSmQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 08:54:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C449 2 KB
1 KB 432ms
328ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C449 2 KB
1 KB 285ms
284ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:54:16 GMT

GET
DATA 200
OK truncated
/ Frame 47A7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e28c91369d6a73029cbe6adb7c80ee60bab9ee86f9029da780ec726e9ad61be

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 28FB 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46fd4872a8f139e5f4b3af0a6bd40b665318d0fa4c67830cfd56e1b7eb2258a7

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 @2 Show response
api.sayellow.com/ 20 B
257 B 828ms
286ms XHR
application/json 41.76.208.172
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sayellow.com/@2?ajax=16&loc=0&cat=0&id=1649269

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.76.208.172 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

mail.sayellow.com

Software

nginx /

Resource Hash

45e6ed197cdc42879219b46e2c3213a8753bb7dce29351f719e3b1554b9ecc71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.sayellow.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=cp1252
access-control-allow-origin: https://www.sayellow.com
cache-control: no-cache, no-store, max-age=0, must-revalidate, private
content-length: 20
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 141ms
72ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

819d706e6a98034775aa6c0715b3142f78c4dbf099ba47eccc064050d1bfa330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10759
x-xss-protection: 0

GET service.js
www.sayellow.com/ Frame 0
0

GET
H2 200 HeaderFooter.html Show response
www.sayellow.com/Support/ 7 KB
2 KB 233ms
233ms XHR
text/html 41.76.208.172
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sayellow.com/Support/HeaderFooter.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.76.208.172 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

mail.sayellow.com

Software

nginx /

Resource Hash

a08a906a4726ba6d2c707ce71989d23f65d3782a9fe0d8a27aaa3712493d29d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.sayellow.com/@2?Cli_ReferenceNumber=1649269
X-Requested-With: XMLHttpRequest
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 11:34:15 GMT
server: nginx
etag: W/"61adf537-1bcb"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=2592000
expires: Sun, 10 Apr 2022 08:54:16 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent/3.1.1/ 20 KB
6 KB 41ms
41ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent/3.1.1/cookieconsent.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15469140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5908
timing-allow-origin: *
last-modified: Mon, 25 May 2020 12:38:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ecbbc44-50d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFNel0R3C%2BV%2BtiDYvYf3vMZNLbmd7LDbBDWKaIki4eQC%2Fe%2FVSvRZOC9NFpmoWs%2Fj8W6C%2FfO3mnyh%2BjNye9bgzXY0v7e9KSdECsFNoogdWroCQ2hMGY%2BYn7NKeJeHVpbMdG8PSi7Yaw%2Bq0euW0kO8S3E3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ea31082ff788675-MAD
expires: Wed, 01 Mar 2023 08:54:16 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.24.0/ 20 KB
7 KB 191ms
61ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.24.0/firebase-app.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577dcb3549464de6d88c4726ca6a3c84e9f76e0e465715f8dfd8149b75890209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6636
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 21:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 17:30:36 GMT

GET
H2 200 @2 Show response
api.sayellow.com/ 0
227 B 800ms
270ms XHR
application/json 41.76.208.172
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sayellow.com/@2?ajax=10&Ref=1649269&_=1646988855763

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.76.208.172 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

mail.sayellow.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.sayellow.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=cp1252
access-control-allow-origin: https://www.sayellow.com
cache-control: no-cache, no-store, max-age=0, must-revalidate, private
content-length: 0
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H2 200 @5 Show response
api.sayellow.com/ 0
90 B 799ms
269ms XHR
text/plain 41.76.208.172
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sayellow.com/@5?_=1646988855764

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

41.76.208.172 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

mail.sayellow.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.sayellow.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 08:54:17 GMT
server: nginx
content-length: 0
x-frame-options: SAMEORIGIN

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 186ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a2153e17d583d684d6b3c36b8495f9f1623214a0cebdc5d908ee6ed27a9cd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HjgbiSMQVd5Hbm2BqmbAAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 11 Mar 2022 09:08:14 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: HnDO7LjXphI+P3j/t2rVamfvZFP+ts3xxOXG23XpZ8Ms5MZSHEloseJmW9v9pE9VDhIvD3sYG2/Unvb+kOWskg==
x-fb-trip-id: 917726464
x-fb-content-md5: 7b9c2f8b1a6db633a64b0a97ccefaebd
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Mar 2022 08:54:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fbd319cf73caaa895ab8523de5cf1248"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 222ms
70ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22780609-1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

009f3ddf74eaa1cc8114a5f83c8632a0c50b74bbf0a3b73a203b6ea8eb28d7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36943
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Mar 2022 08:54:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 150ms
76ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 08:54:17 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 123ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5da5b36ae4bc4ba7eb0fe4cf6360bc05

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5db73bc5416e51b35973961e6c125021839ba34af5b52204970a3835b9db3d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sayellow.com/
Origin: https://www.sayellow.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1OTpln69Ts21v41XSo3Vug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 11 Mar 2023 07:56:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81459
x-fb-rlafr: 0
x-fb-debug: nL4zxswpjb4tGR+3fp8eciq6fspuTaMk9PBWv3vedBeUlcQb0CC3RWA43U8TMd/3AaqdDi/rJUv1ftgQef2TFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 81cfa9faf7e5f7e895f3de97e297a7a8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 08:54:17 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "48497ba1253610ab0935e1bfd62e9191"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.24.0/ 40 KB
11 KB 175ms
93ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.24.0/firebase-messaging.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b090c352b4698d65d2d9fcd3c4b41e5f50d017e4caa48f2eef492c6a61adffb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 06:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10930
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 21:32:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 11 Mar 2023 06:30:44 GMT

GET
H3 200 Logo.png
cdn.sayellow.com/Images/ 20 KB
21 KB 41ms
41ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Logo.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a1d0f8f03083a4e655d0af41e300d521eeb7a05bc3e94cc28ca18f6deeca526

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20551
last-modified: Sun, 18 Jul 2021 12:02:15 GMT
server: cloudflare
etag: "60f41847-5047"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycNtdsz6FbD0cKxNPYLQE%2FKaKGXoK%2FGYlgb0LdDkWqK3sz8%2Bz2526YdUfzhhlEqoIL22yEPD7GSmv8B%2FG6wGCgLjKfTFT4YLXS8d6xc8dnyltLkvRokvpQZYI7Y44bNaMFkJar2p6ukGLs734BzZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310846e2666a1-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H3 200 Ico64Draw.png
cdn.sayellow.com/Images/Icons/ 841 B
1 KB 49ms
49ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Draw.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60d8fe3b7f97d06cb2925de5a619810b6491e3420083642e07eb0c3d0cd4341

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 841
last-modified: Fri, 16 Jul 2021 10:40:40 GMT
server: cloudflare
etag: "60f16228-349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3es0hNGoMg8dyA4O%2BuOoJQqth8e%2F7cafWE8nSFO%2Fuf5fiUC7hywNcfcyUJRnDliTRI4Jmvr2GFr%2BIRRSK8fCJTkIJZ7v5YkRH8kF8QFoRCQtsu3GOyrKm8ppXd%2BoimqVRsU2WGUlr851%2FBfYj7cX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310846e2a66a1-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H3 200 Ico64Bookmark.png
cdn.sayellow.com/Images/Icons/ 696 B
1 KB 49ms
49ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Bookmark.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20428bf5984b326d03ad0d0e2dca1ae48b222bea8beef306b7a9cdaa74cf0229

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 696
last-modified: Fri, 16 Jul 2021 10:48:56 GMT
server: cloudflare
etag: "60f16418-2b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBuGWVDW%2F94Xh%2BPqpfp5hBxZFPpvyPCn547afyFdSINyBP%2Fzw6xzi5zclNG1vz4jt7d%2BILzogHFhaREgyzXGg5YD232OGpLJybcNphE3stqJZ%2B6yzGfD7vhMaaosLRjDsSXXinh6r6pXmcAyN%2BCI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310846e2f66a1-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H3 200 Ico64Magnify.png
cdn.sayellow.com/Images/Icons/ 2 KB
2 KB 41ms
41ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Magnify.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1036732ef3e1a33a7d3d6a965d2cc08d8785d63f294a4adbec724f05f94e0f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1694
last-modified: Fri, 16 Jul 2021 10:42:00 GMT
server: cloudflare
etag: "60f16278-69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoFyW9rsUOtpZYUw6ye%2BIOieBkihfk%2B3%2Bn5Fm5%2BYCe7nGByaStDuqh2u%2BCrbiN%2Bq34OQInoebMUAP2F5ZZJoju4kGql4hTAGndLHsXS9kruFjWTnTFrprrVNUqP6rXBivJa9ut2kM3DL5Xaetf4L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310846e3266a1-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H3 200 Ico64Key.png
cdn.sayellow.com/Images/Icons/ 2 KB
3 KB 49ms
49ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sayellow.com/Images/Icons/Ico64Key.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98305c2c9462edee6cf3003e278fa46362cc743dd1a41c3cc35a99a89320320f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2289
last-modified: Fri, 16 Jul 2021 10:42:13 GMT
server: cloudflare
etag: "60f16285-8f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Bl5XoJDzfWj1vAzH9kNpE%2BPkSXlDQY6D8MKTwig0VMPuMTIrZIG1kqQQSVGTf9%2BORqcBBzdxtQvLPT8Sojw1gnYZtbArG4us3jnVD01He3NOkPGb2R7qN%2B8YQ2op1zcX5339Gyr%2FGrSIFhKxyC%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ea310846e3366a1-MAD
expires: Sun, 10 Apr 2022 08:54:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 209ms
74ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22780609-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4764
date: Fri, 11 Mar 2022 07:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Mar 2022 09:34:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7D3 13 KB
5 KB 60ms
60ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 08:09:58 GMT
expires: Sat, 11 Mar 2023 08:09:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CA39 783 B
1 KB 206ms
70ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c45e82370e31caa8abc0a2b17b41ca2a97fa7c1911fa210e9a1cb9dcaba67f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3UWsuXm54v+3vuCSh4uJIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Mar 2022 08:54:17 GMT
date: Fri, 11 Mar 2022 08:54:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3UWsuXm54v+3vuCSh4uJIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame D7D3 35 KB
13 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 08:09:58 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 209ms
86ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1398717687052077&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5da5b36ae4bc4ba7eb0fe4cf6360bc05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: /Ty3zJiWmPeLPYt7InQfC1w+oD37fKfSxdwwXDETGQyV+LMUg0VahxKIrv45MkI1+a2zqaV6IyiGo86slYv1fg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Fri, 11 Mar 2022 08:54:17 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sayellow.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 183ms
61ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1398717687052077&ev=fb_page_view&dl=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&rl=&if=false&ts=1646988857234&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 11 Mar 2022 08:54:17 GMT

GET
H2 200 like.php Show response
www.facebook.com/v10.0/plugins/ Frame 7D2D 35 KB
14 KB 207ms
113ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffdbca69aec00c%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.facebook.com%2Fsayellowonline%2F&layout=button_count&locale=en_US&sdk=joey&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5da5b36ae4bc4ba7eb0fe4cf6360bc05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7baf66542d6ed90099f121f9b5091b3fdb745129c0ab232ff530fd6db873887f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: dRYyImckYK6YX41tMvm7Ae29UC6XFl+lA0Dot4VN9Vx0LFfl6+wi4oreAjhRPO8rsM8tu5yFsH16dk4PcKtjEQ==
date: Fri, 11 Mar 2022 08:54:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 share_button.php Show response
www.facebook.com/v10.0/plugins/ Frame 6875 43 KB
13 KB 228ms
139ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/share_button.php?app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b6ab2763bf584%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.sayellow.com%2Fview%2Funited-kingdom%2Fnuxgame-in-london&layout=button&locale=en_US&sdk=joey&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5da5b36ae4bc4ba7eb0fe4cf6360bc05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58c9f8fff8e19a8cf8a75e0642c4c6bc4858febb26ca66b3d7669aa9eda25905

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: b09wv7iybV/Q0CD3Dae6vosUBsNuUq/hBPp8fhxRBtTdRODqc1//xAqQeJ4lJo/zRKfbDOkjzVjdJRFmdbrSBQ==
date: Fri, 11 Mar 2022 08:54:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 all
csm.eu.criteo.net/ Frame C8EB 0
127 B 63ms
63ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 08:54:16 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47A7 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxKTNeG9QjhwQ-pask7F8mrptPMATr4zImA36Sf_hPPgv2HB01aFfxuVW_KhQRrG2PvEnkYiZafXNPtOzNmTcf&sig=Cg0ArKJSzNXEKldcIZ3iEAE&id=lidar2&mcvt=1010&p=0,0,90,728&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1397050671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646988855975&rpt=318&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C449 0
127 B 63ms
63ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 08:54:16 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 136ms
65ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1506153361&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sayellow.com%2F%402%3FCli_ReferenceNumber%3D1649269&ul=en-us&de=windows-1252&dt=NuxGame%20in%20London%2C%20United%20Kingdom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1669511424&gjid=2132650481&cid=1038817136.1646988856&tid=UA-22780609-1&_gid=1771209542.1646988857&_r=1&gtm=2ou370&z=1832594793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sayellow.com/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sayellow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 28FB 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyofYWXZZZN-FEHbFf5slMBEtpMBZaYgo5HN7FJNm_n2kM5ufrZDLTiPOl2Xtzfm3r8eU_fbuA2SwqMHZ3dUcU&sig=Cg0ArKJSzNpzTc2IzOSwEAE&id=lidar2&mcvt=1005&p=0,0,600,300&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4257294267&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646988855757&rpt=567&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA39 0
0 112ms
112ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=2918443918480664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7D3 0
9 B 60ms
60ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2Gr_pA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 7D2D 400 B
768 B 184ms
61ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffdbca69aec00c%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.facebook.com%2Fsayellowonline%2F&layout=button_count&locale=en_US&sdk=joey&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: jjNh08Szkmkj764MSIMaDTAjRki4O9HZONdZzNyDx2B9tVr4RwhCTETpCFGYUauSdK9B3HrCSzaDJ6n/KDA1qw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Mar 2023 05:54:10 GMT

GET
H2 200 IOTHSD9gnEH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y6/l/en_US/ Frame 7D2D 522 KB
137 KB 183ms
62ms XHR
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y6/l/en_US/IOTHSD9gnEH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59d6c448d086b59572bab22f0e3f2636dfcf2a8abf242b9b3725fbdc63b2dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XXPsWrnOJj43+E4UYeFfDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139314
x-fb-rlafr: 0
x-fb-debug: td6sZY20mnSiFHBIzZUlER0Y3Nm+8AQdljaSJ2HL8JzSddEID+hzNerjTI1UkKtVP2UjkffCiQG8HPWzIO5Tdw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:55:43 GMT

GET
H2 200 IOTHSD9gnEH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y6/l/en_US/ Frame 6875 522 KB
136 KB 143ms
61ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y6/l/en_US/IOTHSD9gnEH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/share_button.php?app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b6ab2763bf584%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.sayellow.com%2Fview%2Funited-kingdom%2Fnuxgame-in-london&layout=button&locale=en_US&sdk=joey&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59d6c448d086b59572bab22f0e3f2636dfcf2a8abf242b9b3725fbdc63b2dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XXPsWrnOJj43+E4UYeFfDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139314
x-fb-rlafr: 0
x-fb-debug: td6sZY20mnSiFHBIzZUlER0Y3Nm+8AQdljaSJ2HL8JzSddEID+hzNerjTI1UkKtVP2UjkffCiQG8HPWzIO5Tdw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 11 Mar 2023 06:55:43 GMT

GET
H2 200 zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 6875 388 B
814 B 141ms
60ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:54:17 GMT
x-content-type-options: nosniff
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 388
x-fb-rlafr: 0
x-fb-debug: jFHSt02ahLwVgMZwS/Q6M5MAGKmbDerZ4jTmWPBGB2cK+deMKxjLpxXcKFwbQSAbQAt8rFBC/VqHWbUd6mgeXA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 01 Mar 2023 00:01:32 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 7D2D 67 B
107 B 154ms
91ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1646988857501&t_start=1646988857501&t_domcontent=1646988857513&t_layout=1646988857816&t_onload=1646988857816&t_paint=1646988857816&t_creport=1646988857816&t_tti=1646988857513&lid=7073763279428524646-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffdbca69aec00c%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.facebook.com%2Fsayellowonline%2F&layout=button_count&locale=en_US&sdk=joey&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 3xQXFicnO5GwFghuedPaSEVTuAJqAVeMMXWHMrFd6vthz0TWxRTI9h09IE55gg/YwzkRscOEvlkmB2iBxRYfrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Mar 2022 08:54:17 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 83ms
82ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=2918443918480664&bg=!wMOlw4fNAAb7UztL-1M7ACkAdvg8WuuuZEikBJY7u1nPJh9HzPUfVl7pBgHxV3qYpLWVh_B2N7HfTQIAAAB4UgAAAAJoAQeZArMBuQJW08qSu9m484DznzmNyF9wzDVsvTMbEyN0t3K5SX4ZwXjOrsarlwE5H5RtQWNKDc6CpTnKjRDHzAgwak4bPJnAAz60pz3GMYz_xnT_vN14p8JXC3fTpiPMmZ7IggpMQHl_YsCinyIcvCiXi5lptDqJoSHA00l-USYZ3UH7rz0VM4VydCzUyA-T9K9Evvsmj6FlrculvyzM1TMmOhZkcrt96Nx-QtRuDvH0fLg6xwh39K31y3BpaaHBNMVzeude6ryKVLdbkxMSxMZ0GHYNlw4-1y04q5yLmAFAQI9wtH6OqLJN70V1Y6LrIgIZANmLw02oX2Zj_maZKNs7tOsfEZT99Yy5B-bDAxb1Qeu_mMBTG8gh6Q18DReeG6Qlr0mQghpU7kvZEBhtCfjqx4LyAvB2F3LwFRqxagggE3JYigPZuJjztzqfMmtIZG-dMAbEBVU7TtAZTIqJHrt-aKNoKAeBqrk9fwbUFwfpWTFJ9hB6y_NgcDkCCtaIv7YPY8hTrFZwGU3-QarPje5v8qSP7S-lsTMist2rJpSG98pRv1hdbjv3n0Elc8Nb8IYi5mVb31K1gyc-ULLVXME060ssXtbsITUkU4PYyR75orCPOFkhnMX-tWfm5b3fMaBcGXEW4LuaOVucUQoqSE_OMyy4hOLjQ5ByANT7uXi74SwQH4Fw5uFPrcxZVAyAgkjtjSXhH2QC4i3nA5jOUVhmdK78q1GpEemBiIen2tD2cM9Gjgv_WXQvRo2EoHqK_9qnLnzElwWluoF4-OeygQb82vUCVhQpBSgcSDnumKimjJoAXMl2lEbRx9riuDLUpYHqalpDBeMaHlxcW-Xv6D0qD4QVTi2QHX93cI75NuNqo55mVnuxzyjZX1FBniaFYtE7xocPBJZqGARV7g1qEDjuCVovwF6y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.sayellow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 08:54:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 6875 67 B
99 B 95ms
95ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1646988857519&t_start=1646988857519&t_domcontent=1646988857548&t_layout=1646988857918&t_onload=1646988857918&t_paint=1646988857918&t_creport=1646988857918&t_tti=1646988857548&lid=7073763278323529255-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.facebook.com/v10.0/plugins/share_button.php?app_id=1398717687052077&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b6ab2763bf584%26domain%3Dwww.sayellow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sayellow.com%252Ff1b3bb65c4f3864%26relation%3Dparent.parent&container_width=509&href=https%3A%2F%2Fwww.sayellow.com%2Fview%2Funited-kingdom%2Fnuxgame-in-london&layout=button&locale=en_US&sdk=joey&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: EgEGfV8L7nJ6XdSeedXenQQm1I3O3HfIJGCz7i+hxtWBujJwbvnv30TCWUK1/bq2MMiEqumkbcQefYaoik58Uw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Mar 2022 08:54:17 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.sayellow.com
URL: https://www.sayellow.com/service.js

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sayellow.com/	1970-01-20 10:51:24	Name: __gads Value: ID=98db130461f8dcea-2208923559cd003f:T=1646988855:RT=1646988855:S=ALNI_MZRpFxnqULVDgQFOhphpDbwfEeBgg
.doubleclick.net/	1970-01-20 10:51:24	Name: IDE Value: AHWqTUlxwu7XQs8dzVbk0wk4VvrMET4kJba6zk-lfJpXcDvt-3qIshjNFbbDfpTFeTY
.sayellow.com/	1970-01-20 19:01:00	Name: _ga Value: GA1.2.1038817136.1646988856
.sayellow.com/	1970-01-20 01:31:15	Name: _gid Value: GA1.2.1771209542.1646988857
.sayellow.com/	1970-01-20 01:29:48	Name: _gat_gtag_UA_22780609_1 Value: 1
.facebook.com/	1970-01-20 03:39:24	Name: fr Value: 0W13MtLY8X55urEeY..BiKw45...1.0.BiKw45.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.es
api.sayellow.com
cat.nl.eu.criteo.com
cdn.sayellow.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
static.criteo.net
static.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sayellow.com
www.sayellow.com
142.250.185.130
178.250.2.148
178.250.2.150
2606:4700::6810:135e
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2001
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::7
41.76.208.172
009f3ddf74eaa1cc8114a5f83c8632a0c50b74bbf0a3b73a203b6ea8eb28d7cc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a2153e17d583d684d6b3c36b8495f9f1623214a0cebdc5d908ee6ed27a9cd33
0a9c3e2521afb149f722b2f1fdfeeb991a3d88fd319b8018464bc97b5f73d65b
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1252846f2387e2c124a4cacda5d2218e429e98610d8ef65ba51d7e1e3b60f55f
12ad37378107b7c390cd8d9fa4fd1a51a28361f13849dd521aaf82615df1cba6
20428bf5984b326d03ad0d0e2dca1ae48b222bea8beef306b7a9cdaa74cf0229
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
24f260098777334e6b71b1c9a095566f037bbdb0144b1b68821dd3c2f3a252bd
2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363
390629019af7e11b887178e1ca4a0e9f855a4a324bf0a44ba2784343ecb5ac83
3beaadc9f27de2005c133f569e039621f7a9121b512a2ec4009e5f1e6eb3a98e
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
3e9114f32d25ac28d1211c2e711252ee6229341309338692c931a0a20d829ea3
45e6ed197cdc42879219b46e2c3213a8753bb7dce29351f719e3b1554b9ecc71
46fd4872a8f139e5f4b3af0a6bd40b665318d0fa4c67830cfd56e1b7eb2258a7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0ca4b7abcae4e7fbf7d7b5db82f2c696c6488f7dee2140832cb5b8005244d6
51d31ac26a20de27941ed9a8ec292ec36bb9f2a36168b8ebaab36192e02e8fa1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56293de82b750881b0122725ad7cdb69ffc88653f85d4f1dedf75ee8dbde9bb6
577dcb3549464de6d88c4726ca6a3c84e9f76e0e465715f8dfd8149b75890209
57e1f4dd587492a7f09412549059b24bf2922a978e0a608822a80a08c22b8e49
58c9f8fff8e19a8cf8a75e0642c4c6bc4858febb26ca66b3d7669aa9eda25905
59d6c448d086b59572bab22f0e3f2636dfcf2a8abf242b9b3725fbdc63b2dc7f
5b760c7ff61cd2dfc505fd870330c1e75dcb81cefaaacf356ee435e524d2af7c
5db73bc5416e51b35973961e6c125021839ba34af5b52204970a3835b9db3d1d
5e0daf718b642d3e681c61a8df1bd71c26612fb09cdbdd6a23166c581f43bd56
5e28c91369d6a73029cbe6adb7c80ee60bab9ee86f9029da780ec726e9ad61be
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
759895c717b9045c556a913ef76cd1615f2447fbb16a1a63ed8356b3c723432d
7a1d0f8f03083a4e655d0af41e300d521eeb7a05bc3e94cc28ca18f6deeca526
7b9c343a3cf8e7df5dec9c7c8ddba11c7847860610da6162de906d4323b2945d
7baf66542d6ed90099f121f9b5091b3fdb745129c0ab232ff530fd6db873887f
819d706e6a98034775aa6c0715b3142f78c4dbf099ba47eccc064050d1bfa330
88ced1249878f864e2d5db4ab848b9f9537343df4db091aaa31cf9a29d40b61a
8969de24e4f2a812e4fb43762afb881ef0822affc075646fb08111797d2422ad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
948b0bb738a367e77f60a18fb3e6c1d310f75df4e8b16fe91e1bd1dd15130076
98305c2c9462edee6cf3003e278fa46362cc743dd1a41c3cc35a99a89320320f
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9c45e82370e31caa8abc0a2b17b41ca2a97fa7c1911fa210e9a1cb9dcaba67f2
9f14d36c75db0dce3488fa4897d925ba6784658fff04cdbaa1be2ffb359d7f18
a07902e74b2cf6e351af72ff845510189fc55f5579616debbb00d93f753ef090
a08a906a4726ba6d2c707ce71989d23f65d3782a9fe0d8a27aaa3712493d29d4
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b090c352b4698d65d2d9fcd3c4b41e5f50d017e4caa48f2eef492c6a61adffb7
b60d8fe3b7f97d06cb2925de5a619810b6491e3420083642e07eb0c3d0cd4341
bb32d0fa63433d583fc0b802d3eada3f67d6d29ddd02eab9bf1d3ab21faf0bea
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
e1036732ef3e1a33a7d3d6a965d2cc08d8785d63f294a4adbec724f05f94e0f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
fe79616a8792593bc042e4c65781214b8637f4b84e81369e6357d7104b2d846e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.sayellow.com Open in urlscan Pro 41.76.208.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

99 %HTTPS

83 %IPv6

16 Domains

24 Subdomains

24 IPs

4 Countries

1521 kBTransfer

3729 kBSize

6 Cookies

6 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sayellow.com Open in urlscan Pro
41.76.208.172 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

99 %
HTTPS

83 %
IPv6

16
Domains

24
Subdomains

24
IPs

4
Countries

1521 kB
Transfer

3729 kB
Size

6
Cookies

100 HTTP transactions
4 data transactions