URL: https://au.yallababe.ca/login.php
Submission Tags: krdprod
Submission: On December 31 via api from JP — Scanned from CA

Summary

This website contacted 20 IPs in 2 countries across 20 domains to perform 61 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is au.yallababe.ca.
TLS certificate: Issued by R3 on December 31st 2021. Valid for: 3 months.
This is the only time au.yallababe.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
15 cdn.shopify.com au.yallababe.ca
cdn.shopify.com
6 monorail-edge.shopifysvc.com cdn.shopify.com
5 analytics.tiktok.com cdn.shopify.com
analytics.tiktok.com
4 www.pinterest.ca s.pinimg.com
au.yallababe.ca
4 ct.pinterest.com cdn.shopify.com
3 bat.bing.com cdn.shopify.com
bat.bing.com
3 www.google-analytics.com cdn.shopify.com
3 fonts.shopifycdn.com au.yallababe.ca
2 www.facebook.com
2 s.pinimg.com cdn.shopify.com
s.pinimg.com
2 connect.facebook.net cdn.shopify.com
connect.facebook.net
2 app.yeps.io au.yallababe.ca
cdn.shopify.com
1 www.pinterest.com 1 redirects
1 www.google.ca
1 www.google.com
1 ajax.googleapis.com storage.googleapis.com
1 stats.g.doubleclick.net cdn.shopify.com
1 widget.yeps.io app.yeps.io
1 storage.googleapis.com au.yallababe.ca
1 cleancanvas-app-sizechart.s3.amazonaws.com au.yallababe.ca
1 shop.app cdn.shopify.com
1 au.yallababe.ca
0 www.yalla-babe.com Failed au.yallababe.ca
61 23
Subject Issuer Validity Valid
au.yallababe.ca
R3
2021-12-31 -
2022-03-31
3 months crt.sh
cdn.shopify.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-20 -
2022-05-22
a year crt.sh
shop.app
R3
2021-11-25 -
2022-02-23
3 months crt.sh
monorail-edge.shopifysvc.com
R3
2021-12-02 -
2022-03-02
3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-11-27 -
2022-11-26
a year crt.sh
*.storage.googleapis.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-10 -
2022-01-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2021-12-22 -
2022-06-22
6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.ca
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh

This page contains 3 frames:

Primary Page: https://au.yallababe.ca/login.php
Frame ID: 1BB82AA47EB86BD801C83EF2DD0BA832
Requests: 57 HTTP requests in this frame

Frame: https://www.pinterest.ca/ct.html
Frame ID: CE42FC6AEE9AEF70ECBF014086A2A077
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6841836309117654900342677ECEB516
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

(1) 404 Not Found – yalla babeAmerican ExpressApple PayGoogle PayMastercardShop PayVisa

Detected technologies

Overall confidence: 25%
Detected patterns
  • <link[^>]+=['"]//cdn\.shopify\.com

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <script id="apple-pay

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

98 %
HTTPS

68 %
IPv6

20
Domains

23
Subdomains

20
IPs

2
Countries

744 kB
Transfer

2114 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://au.yallababe.ca/cart/?view=ajax HTTP 302
  • https://www.yalla-babe.com/cart?view=ajax&shpxid=64be670b-0f17-4234-b570-5d1af90c9bed
Request Chain 52
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.ca/ct.html

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
au.yallababe.ca/
84 KB
22 KB
Document
General
Full URL
https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e1f6458d672c9e581b93b626d0e4cbaf991e8f29bba87e4cb7115a74dad406
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=82df738e-3342-495c-affa-417a207afdb1
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=82df738e-3342-495c-affa-417a207afdb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
226
x-sorting-hat-shopid
47308308632
x-frame-options
DENY
x-shopid
47308308632
x-shardid
226
x-shopify-generated-cart-token
f774ca7a623ac125d85255832d26329b
content-language
en-AU
strict-transport-security
max-age=7889238
x-alternate-cache-key
cacheable:44d1b3d919ea72f4e7644bceb015fbd1
x-cache
miss
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=82df738e-3342-495c-affa-417a207afdb1
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=82df738e-3342-495c-affa-417a207afdb1
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id
82df738e-3342-495c-affa-417a207afdb1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c665892196fece6-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
stylesheet.css
cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/
251 KB
36 KB
Stylesheet
General
Full URL
https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/stylesheet.css?v=4426886730005178834
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
1e4fd7cef5f44d69d6acb6cd481017b5fcebf3a2a264476518ed2ce240401c9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.852,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
36129
x-xss-protection
1; mode=block
x-request-id
3cec3e24c522f50a245db18d1ffc97a2
x-served-by
cache-lga21947-LGA, cache-yul12830-YUL
last-modified
Sun, 19 Dec 2021 00:27:54 GMT
server
cache-yul12830-YUL
x-timer
S1640983468.319434,VS0,VE1
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 22 Dec 2022 15:32:47 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/stylesheet.css>; rel="canonical"
x-cache-hits
1, 1
ibmplexsans_n4.a6398ab0461dba440ad5b098a18075662bfc4054.woff2
fonts.shopifycdn.com/ibm_plex_sans/
22 KB
23 KB
Font
General
Full URL
https://fonts.shopifycdn.com/ibm_plex_sans/ibmplexsans_n4.a6398ab0461dba440ad5b098a18075662bfc4054.woff2?h10=ZnIueWFsbGFiYWJlLmNh&h11=dWsueWFsbGFiYWJlLmNh&h12=ZGUueWFsbGFiYWJlLmNh&h13=ZXMueWFsbGFiYWJlLmNh&h14=aXQueWFsbGFiYWJlLmNh&h15=cm9vbW9vc2guY29t&h16=cm9vbW9vc2guY2E&h1=eWFsbGFiYWJlLmNh&h2=bGlwc3RpY2sueWFsbGFiYWJlLmNh&h3=dXMueWFsbGFiYWJlLmNh&h4=bnoueWFsbGFiYWJlLmNh&h5=YXUueWFsbGFiYWJlLmNh&h6=eWFsbGEtYmFiZS5jb20&h7=eWFsbGFiYWJlLnVz&h8=eWFsbGFiYWJlLnN0b3Jl&h9=bXgueWFsbGFiYWJlLmNh&hmac=36f0d0405c79140f086204e4dd3284db3ec019ba790edad0731930eeb25df2ca
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3ce09b92aa9e8aa62033574e4592ba35ffd7faf242fb48e9c368b0c058634134

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
via
1.1 varnish
age
11367030
x-guploader-uploadid
ADPycdtUPAH4yjRObAAQ6RdfdtomUYG4K_BxBgSDOr2UOCO_ggFqaJ08VME4wIWAejPQRpMhEnUDz-R3PxW2ugatLhQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
22764
x-request-id
dd86371131feaee4e2cc71968973c1bce6c32242f5f579be09ce6de979edcd5a
x-served-by
cache-yul12829-YUL
last-modified
Fri, 12 Mar 2021 22:53:14 GMT
server
UploadServer
x-timer
S1640983468.318028,VS0,VE0
etag
"d9519153213f229adf5ddc8c0e22e58c"
x-goog-hash
crc32c=fO5RlQ==, md5=2VGRUyE/IprfXdyMDiLljA==
content-type
font/woff2
access-control-allow-origin
*
expires
Mon, 22 Aug 2022 07:13:59 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
41060
ibmplexsans_n5.31316299f5f711364f5259b97776ed8684c0fb8d.woff2
fonts.shopifycdn.com/ibm_plex_sans/
23 KB
24 KB
Font
General
Full URL
https://fonts.shopifycdn.com/ibm_plex_sans/ibmplexsans_n5.31316299f5f711364f5259b97776ed8684c0fb8d.woff2?h10=ZnIueWFsbGFiYWJlLmNh&h11=dWsueWFsbGFiYWJlLmNh&h12=ZGUueWFsbGFiYWJlLmNh&h13=ZXMueWFsbGFiYWJlLmNh&h14=aXQueWFsbGFiYWJlLmNh&h15=cm9vbW9vc2guY29t&h16=cm9vbW9vc2guY2E&h1=eWFsbGFiYWJlLmNh&h2=bGlwc3RpY2sueWFsbGFiYWJlLmNh&h3=dXMueWFsbGFiYWJlLmNh&h4=bnoueWFsbGFiYWJlLmNh&h5=YXUueWFsbGFiYWJlLmNh&h6=eWFsbGEtYmFiZS5jb20&h7=eWFsbGFiYWJlLnVz&h8=eWFsbGFiYWJlLnN0b3Jl&h9=bXgueWFsbGFiYWJlLmNh&hmac=5870618e9534b670dc29904e8636f2ccf06ca98fe3434214b736e442d3a8c287
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0bf9d619d7dd490cca58e629b1e07a5c58ce53e8413b4dee09d5a60d76815cc0

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
via
1.1 varnish
age
2634582
x-guploader-uploadid
ADPycdvPNwCurCgONX1z5QPqcD6ATk2nshbHpK69wtOG45PeAXtaXs_xakLhn8aa7v2rfQp46ecFQbnVKJyASIzJoBPaAMYDpg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
24024
x-request-id
87834a61dc4a85d125924b9a35f285c4fe777ad21297b145c037ec0db2f42107
x-served-by
cache-yul12829-YUL
last-modified
Fri, 12 Mar 2021 22:53:16 GMT
server
UploadServer
x-timer
S1640983468.318132,VS0,VE0
etag
"5c20d13ce97f42eff683e962902360b1"
x-goog-hash
crc32c=PGOCpQ==, md5=XCDRPOl/Qu/2g+likCNgsQ==
content-type
font/woff2
access-control-allow-origin
*
expires
Thu, 01 Dec 2022 08:54:46 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
19
eventemitter3.min.js
cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/
3 KB
1 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/eventemitter3.min.js?v=2793973835332612354
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
9fb5d886979a22a55771fdf4a5888310abec9dd235a420d1659827a5708284a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.597,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
1199
x-xss-protection
1; mode=block
x-request-id
f9425003cee3d1336e7af5f2a634d94d
x-served-by
cache-lga13626-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983468.319455,VS0,VE1
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/eventemitter3.min.js>; rel="canonical"
x-cache-hits
1, 1
theme.js
cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/
227 KB
62 KB
Script
General
Full URL
https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/theme.js?v=8475699139308342907
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
efb3c441a0372df72067576297682688081310a88a8de34b480bd2246cc8afbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.908,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
63024
x-xss-protection
1; mode=block
x-request-id
e14d5378c9226cd51e9e39ea8aaa777d
x-served-by
cache-lga21978-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983468.319537,VS0,VE1
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/theme.js>; rel="canonical"
x-cache-hits
1, 1
option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/
9 KB
3 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.150,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
2748
x-xss-protection
1; mode=block
x-request-id
2e8f222cfd87b11345e34a0dbbf00231
x-served-by
cache-lga21944-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983468.319513,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js>; rel="canonical"
x-cache-hits
1, 267016
load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js
cdn.shopify.com/shopifycloud/shopify/assets/storefront/
10 KB
3 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.142,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
2784
x-xss-protection
1; mode=block
x-request-id
95e989fd3a1c222210ddb099c866308f
x-served-by
cache-lga21922-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1640983468.352473,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js>; rel="canonical"
x-cache-hits
2, 1928811
storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/
49 KB
17 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.128,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
17353
x-xss-protection
1; mode=block
x-request-id
f385e1ea40508a21c089c34d84c5ffab
x-served-by
cache-lga13621-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1640983468.366617,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits
1, 1488090
features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
cdn.shopify.com/shopifycloud/shopify/assets/storefront/
37 KB
12 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.141,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
12298
x-xss-protection
1; mode=block
x-request-id
e624e9bc29b60a2db5947e2486240d8a
x-served-by
cache-lga21932-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1640983468.366822,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits
1, 2323256
trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
cdn.shopify.com/s/
77 KB
16 KB
Script
General
Full URL
https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.265,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
16113
x-xss-protection
1; mode=block
x-request-id
890388141c9e3f50940e20290c408200
x-served-by
cache-lga21927-LGA, cache-yul12830-YUL
last-modified
Wed, 15 Dec 2021 16:30:30 GMT
server
cache-yul12830-YUL
x-timer
S1640983468.369313,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 15 Dec 2022 16:30:43 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js>; rel="canonical"
x-cache-hits
3, 1602521
shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
cdn.shopify.com/shopifycloud/shopify/assets/
7 KB
3 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.313,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
2437
x-xss-protection
1; mode=block
x-request-id
1e9e805e1961fb6c1fcc228b5cc58289
x-served-by
cache-lga21980-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983468.369424,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js>; rel="canonical"
x-cache-hits
1, 1477264
cart
www.yalla-babe.com/
Redirect Chain
  • https://au.yallababe.ca/cart/?view=ajax
  • https://www.yalla-babe.com/cart?view=ajax&shpxid=64be670b-0f17-4234-b570-5d1af90c9bed
0
0

fontawesome-webfont.woff2
cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/
70 KB
71 KB
Font
General
Full URL
https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/stylesheet.css?v=4426886730005178834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/stylesheet.css?v=4426886730005178834
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.083,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
71896
x-xss-protection
1; mode=block
x-request-id
a58e9e649131240e6c386ee800345822
x-served-by
cache-lga21968-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1640983468.403582,VS0,VE1
date
Fri, 31 Dec 2021 20:44:28 GMT
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0473/0830/8632/t/55/assets/fontawesome-webfont.woff2>; rel="canonical"
x-cache-hits
1, 1
ibmplexsans_n7.48e4befb9c8244b897bbebc34ce0b33762e39432.woff2
fonts.shopifycdn.com/ibm_plex_sans/
23 KB
23 KB
Font
General
Full URL
https://fonts.shopifycdn.com/ibm_plex_sans/ibmplexsans_n7.48e4befb9c8244b897bbebc34ce0b33762e39432.woff2?h10=ZnIueWFsbGFiYWJlLmNh&h11=dWsueWFsbGFiYWJlLmNh&h12=ZGUueWFsbGFiYWJlLmNh&h13=ZXMueWFsbGFiYWJlLmNh&h14=aXQueWFsbGFiYWJlLmNh&h15=cm9vbW9vc2guY29t&h16=cm9vbW9vc2guY2E&h1=eWFsbGFiYWJlLmNh&h2=bGlwc3RpY2sueWFsbGFiYWJlLmNh&h3=dXMueWFsbGFiYWJlLmNh&h4=bnoueWFsbGFiYWJlLmNh&h5=YXUueWFsbGFiYWJlLmNh&h6=eWFsbGEtYmFiZS5jb20&h7=eWFsbGFiYWJlLnVz&h8=eWFsbGFiYWJlLnN0b3Jl&h9=bXgueWFsbGFiYWJlLmNh&hmac=5b03d4b287969617a84c25e2381a858f53dc68989c86542c22560dc4d3f2c80d
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5177bced2fd29da36a5f0384971aeb342138edfcf00ec6a91e65dd8381604881

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
via
1.1 varnish
age
11366995
x-guploader-uploadid
ADPycdt3E5_iwF20jMk3S3A5jHPfY5DQ1QiCQIWBr2eAmpJVE6e6zM-On0kdVgolw0dOrHDb8vb2J9EJWnoCoScujMU
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
23164
x-request-id
6641184728aa08ce8f402c289eba07a5d1183129bdb985b7f24e2bf34e2286ad
x-served-by
cache-yul12829-YUL
last-modified
Fri, 12 Mar 2021 22:53:02 GMT
server
UploadServer
x-timer
S1640983468.403743,VS0,VE0
etag
"62c87bb526ab7e832df7ba5b8497d4c6"
x-goog-hash
crc32c=lyBplA==, md5=Ysh7tSarfoMt97pbhJfUxg==
content-type
font/woff2
access-control-allow-origin
*
expires
Mon, 22 Aug 2022 07:14:32 GMT
cache-control
max-age=2629800, immutable
accept-ranges
bytes
x-cache-hits
37981
session
shop.app/pay/
18 B
1 KB
Fetch
General
Full URL
https://shop.app/pay/session?v=1
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
checkout.shopify.com
Software
cloudflare /
Resource Hash
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,us-east1
p3p
CP="Not used"
access-control-allow-methods
GET, OPTIONS
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1600069b-3bea-4379-b237-03bbf55854db
x-runtime
0.004910
x-robots-tag
noindex
server
cloudflare
x-frame-options
DENY
etag
W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://au.yallababe.ca
vary
Accept-Encoding, Accept, Origin
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6c665895ebb3ca4b-YUL
x-sorting-hat-podid
-1
access-control-expose-headers
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
475 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
251.248.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
x-dc
gcp-us-central1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://au.yallababe.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
12bbfca7-5308-4661-b2bf-47b7172346a0
consent-tracking-api.js
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/
4 KB
2 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12829-YUL /
Resource Hash
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://au.yallababe.ca/
Origin
https://au.yallababe.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1
x-cache
HIT, HIT
server-timing
cdn;dur=0.166,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
1475
x-xss-protection
1; mode=block
x-request-id
c5224d3406b43558425b4083fe101753
x-served-by
cache-lga21967-LGA, cache-yul12829-YUL
server
cache-yul12829-YUL
x-timer
S1640983468.468196,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits
78, 609
tracking_script
cdn.shopify.com/proxy/b341c2568fc5dbd5786713a0ddccdb17358f48bc6471541d4965a26bcbce7c10/bingshoppingtool-t2app-prod.trafficmanager.net/uet/
639 B
2 KB
Script
General
Full URL
https://cdn.shopify.com/proxy/b341c2568fc5dbd5786713a0ddccdb17358f48bc6471541d4965a26bcbce7c10/bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script?shop=yalla-babe.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
3b390fdd116ad81914b76e8c7b14d0c37c00f525ef0bf8ad71597125687df78d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox;
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-central1,gcp-us-central1
edge-cache-tag
mime-application/x-javascript; charset=utf-8,source-ProxyBackend,segment2-163,segment4-41736,revision-63e5655c0679502a211cd01e63f2185a7e2d56dd,secure-proxy-shopifycloud-com-proxy-b341c2568fc5dbd5786713a0ddccdb17358f48bc6471541d4965a26bcbce7c10-bingshoppingtool-t2app-prod
content-disposition
attachment
server-timing
cdn;dur=0.122,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
639
x-xss-protection
1; mode=block
x-request-id
e69729cef639c7f2da153135fc29a2ab
x-served-by
cache-lga13627-LGA, cache-yul12830-YUL
x-cache
HIT, HIT
server
cache-yul12830-YUL
x-timer
S1640983468.495507,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Token,Shop
x-cache-hits
1, 1
cc-sizecharts-3089.js
cleancanvas-app-sizechart.s3.amazonaws.com/store-scripts/
69 KB
10 KB
Script
General
Full URL
https://cleancanvas-app-sizechart.s3.amazonaws.com/store-scripts/cc-sizecharts-3089.js?v=20210928064845&shop=yalla-babe.myshopify.com
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.199.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c70c1f106cfb40d2af11988a3f8938024da06fbfd5f1b8c6b4b0e7ce7f7ab562

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 31 Dec 2021 20:44:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 06:48:46 GMT
Server
AmazonS3
x-amz-request-id
CPBH49MY8Z5MGAAV
ETag
"69086d3a5388b62c289d75661d2b171f"
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
10007
x-amz-id-2
audAixa5DRLtk2bpdfJY0Gr6u/w9wALCsMm6MN3ooIA/8VafLQf0U3mcihozeRnIRe3gG4U7Meg=
loader
app.yeps.io/
337 B
783 B
Script
General
Full URL
https://app.yeps.io/loader?hostId=zPtKwrAjhGaJ7q7CN&shop=yalla-babe.myshopify.com
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:19d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1456523c7e7c21079eeb250d911325b91ad34a17376cb83987ff2d5ad5731061

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoTjBImlwr8dotfqXRb5eRqDtNoKNpKr9Xg6vFDCPe9FnGvJGSOoqiidN0%2B1vZpu2TPacuN1ZhEL2axvKkcv8pS%2FGQ0dkI6iLgG7SQoka9IviXgTqWZmKcuunyK%2Frern%2FfIulAXs9jInzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6c6658965d677138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
shopifyChatV1.js
cdn.shopify.com/shopifycloud/shopify_chat/storefront/
11 KB
4 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/shopify_chat/storefront/shopifyChatV1.js?api_env=production&button_color=%2362a2ef&button_style=icon&p=bottom_right&shop_id=mCDqwOK2FTxxyqhvsckRdCqadDrVmphQ4uEJRPPlHJI&shop=yalla-babe.myshopify.com
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
50666ad78372d197618e1fad6b92fcaa1236abbf5d06ec1ed40411b586dafbfa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
content-disposition
inline
server-timing
cdn;dur=0.555,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
4059
x-xss-protection
1; mode=block
x-request-id
78f62ac31b374ad57881f0fe21e6f075
x-served-by
cache-lga13626-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983468.496827,VS0,VE1
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=360
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify_chat/storefront/shopifyChatV1.js>; rel="canonical"
x-cache-hits
1, 1
yalla-babe.js
storage.googleapis.com/gsf-scripts/global-remarketing/
11 KB
11 KB
Script
General
Full URL
https://storage.googleapis.com/gsf-scripts/global-remarketing/yalla-babe.js?1640123646&shop=yalla-babe.myshopify.com
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3c738d9156feb2668364404467b15b7dc11d8bfb8a9e1054df3dff9763f6ebfe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
age
0
x-guploader-uploadid
ADPycdup9tNqNDgQFl3OfEYpB7OaB6yuOrAFFk2Lj-3RlUyg_6e8rB8n_xGKb5IAxOIveMPVikl-NFFP2dL2zdvZVqG9i08Z6A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11007
last-modified
Tue, 21 Dec 2021 21:54:06 GMT
server
UploadServer
etag
"9cbfabe2a1c118b7009d8a4ccad0c784"
x-goog-hash
crc32c=fAxmKw==, md5=nL+r4qHBGLcAnYpMytDHhA==
x-goog-generation
1640123646083565
cache-control
no-cache, max-age=0
x-goog-stored-content-length
11007
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 31 Dec 2021 20:44:28 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
YZCYl95jdGGq2zB3JkBlMygEMDHewBGn01UYJ8+RxR2eLXDAU5BSWXWk/jBbipI7W3jTKpW4Q8CS70vfm0tf9Q==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 31 Dec 2021 20:44:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
209
date
Fri, 31 Dec 2021 20:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 31 Dec 2021 22:40:59 GMT
core.js
s.pinimg.com/ct/
1 KB
832 B
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:499::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"95580b4fad0d5513b92f05a5be0d5a38"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
245eaecf-23.33.238.102
accept-ranges
bytes
content-length
583
access-control-expose-headers
X-CDN
events.js
analytics.tiktok.com/i18n/pixel/
119 KB
36 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C123L38JQ4BPD6C9VMF0&lib=ttq
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.36 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
731d2de2bbddc41a1bc026863710d597156cec734905604383a9971ccca3e991

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
419a306e
date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
gzip
upstream-caught
1640983468566645
x-cache
TCP_MISS from a23-40-19-36.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=9
pragma
no-cache
server
nginx
x-tt-logid
2021123120442801011300606926F81DDB
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.40.19.36
x-tt-trace-host
011d75c5713d58c1adecca8b0192aa4904d277dce1aebeca6522f88a835f678344b55d087dc36347a02e5612ac7cf8737bd34b9320c16ada6dfaf30918fc0b7a9b59517d8e00e907ed8c177875a08f2ad88153b04b585e98080befd255d091d9af
expires
Fri, 31 Dec 2021 20:44:28 GMT
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/
58 KB
17 KB
Script
General
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=0.122,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length
17388
x-xss-protection
1; mode=block
x-request-id
b3ae10cedc8093f40a60dd92858b8e57
x-served-by
cache-lga21967-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983469.511074,VS0,VE0
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits
1, 1709922
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
474 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
251.248.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
x-dc
gcp-us-central1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://au.yallababe.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
79ec4c08-1b0e-4db2-9102-a449700aa1f4
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
476 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
251.248.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
x-dc
gcp-us-central1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://au.yallababe.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
d61481ea-d9ae-440f-ab67-e4afb71c0ebe
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
475 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
251.248.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
x-dc
gcp-us-central1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://au.yallababe.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
42d84a92-ebb4-4234-833e-d6034d9277fe
produce_batch
monorail-edge.shopifysvc.com/unstable/
0
475 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
251.248.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
x-dc
gcp-us-central1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://au.yallababe.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
3d9706f8-1370-4f14-9a11-8674d3842f94
bat.js
bat.bing.com/
35 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/proxy/b341c2568fc5dbd5786713a0ddccdb17358f48bc6471541d4965a26bcbce7c10/bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script?shop=yalla-babe.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90bd855f92aec63cef7a79cd868ffc8b0923a4eded158336fc3eb213fbe90166

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 21:48:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1567F5C04222411FB7F261BC25EF72CE Ref B: YMQ01EDGE0613 Ref C: 2021-12-31T20:44:28Z
etag
"0b35237fde6d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10224
yeps.js
widget.yeps.io/
157 KB
49 KB
Script
General
Full URL
https://widget.yeps.io/yeps.js
Requested by
Host: app.yeps.io
URL: https://app.yeps.io/loader?hostId=zPtKwrAjhGaJ7q7CN&shop=yalla-babe.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:19d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb6a21ee6601e1e2b04ba353ee586eab24eb5ef0a50c65985c9b24814d7b30db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5030
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
62XXXKA7JQYXZ2V8
x-amz-id-2
Qa/GIA7OsAGilvhRk+uZ5TzP9njfOEcwVsj2MERQshZH1EKmwmrSdIjie5pEOsiHDDvKeQDYIyM=
last-modified
Sun, 12 Dec 2021 19:52:58 GMT
server
cloudflare
etag
W/"8dfc2b4fcc0cb6e6e70035d46d5fbeec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv0UBWX%2F2LyL1cLL%2FneF%2B%2FsxZqmI%2B%2BJea7KNNVvTLnS%2FCMbjX3E9R9%2F2j9RwEvQ5BZOexoppvJ5cGKEyjLWZbNaVWnsy2rs9NuhJQJa3rLHYuOtelgSu45hRUoWrOZzUVh6vF1NciBmcAUgy1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
6c665896adf47138-YUL
992326221373058
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/992326221373058?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0269f51738ef2e4df976935b9316569f8c76205314959693851acf3d1afd247
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88852
x-xss-protection
0
pragma
public
x-fb-debug
tR6UqtDIsZ6MsNaUqucKYhNIZHDFHikmPmc/TgOXsyQEpuoIgG/XpgILCEIxUBVKVZQ+ngePUCeb9gvhtilNxQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 31 Dec 2021 20:44:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-183922262-1&cid=1960246559.1640983469&jid=160924641&gjid=1916398999&_gid=1291868118.1640983469&_u=YGBAgEABBAAAAE~&z=1354688853
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 31 Dec 2021 20:44:28 GMT
content-type
text/plain
access-control-allow-origin
https://au.yallababe.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=810404115&t=pageview&_s=1&dl=https%3A%2F%2Fau.yallababe.ca%2F404&dp=%2Flogin.php&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20yalla%20babe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=160924641&gjid=1916398999&cid=1960246559.1640983469&tid=UA-183922262-1&_gid=1291868118.1640983469&did=BwiEti&z=206291313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 05:18:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55564
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.6ae4a9fc.js
s.pinimg.com/ct/lib/
54 KB
19 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:499::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"9850391ff02e4a98b00efa3acfbbbb10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
245eaedc-23.33.238.102
accept-ranges
bytes
content-length
18814
access-control-expose-headers
X-CDN
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C123L38JQ4BPD6C9VMF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.36 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
419a309a
date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
gzip
upstream-caught
1640983468644465
x-cache
TCP_MISS from a23-40-19-36.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server-timing
inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=9
pragma
no-cache
server
nginx
x-tt-logid
2021123120442801011313519402EE8FF1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.40.19.36
x-tt-trace-host
011d75c5713d58c1adecca8b0192aa4904d277dce1aebeca6522f88a835f6783441418724ca728046b26a677f7412260aadd7c670591122fe7a1ada7f4f7a255c5313271f237170667d00c9184c203a9cad34f1ef934e18b9e57b6771189a28e00
expires
Fri, 31 Dec 2021 20:44:28 GMT
config.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C123L38JQ4BPD6C9VMF0&hostname=au.yallababe.ca
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C123L38JQ4BPD6C9VMF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.36 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fe1cd48d519e718b98f709c5bb442b82d2305ff4444ec5cc143174a937b3f6f3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
419a30b4
date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
gzip
upstream-caught
1640983468690628
x-cache
TCP_MISS from a23-40-19-36.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=16
pragma
no-cache
server
nginx
x-tt-logid
202112312044280101131350981841DA78
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.40.19.36
x-tt-trace-host
011d75c5713d58c1adecca8b0192aa4904d277dce1aebeca6522f88a835f6783441418724ca728046b26a677f7412260aa0f8e3b466f63b4fc86d88bbec72d7cf2b434e433b62462de363829037910129ff4c71412eb4a1b248651a91082a2d7d6
expires
Fri, 31 Dec 2021 20:44:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/gsf-scripts/global-remarketing/yalla-babe.js?1640123646&shop=yalla-babe.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 06:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Dec 2022 06:43:31 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=810404115&t=timing&_s=2&dl=https%3A%2F%2Fau.yallababe.ca%2Flogin.php&dp=%2Flogin.php&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20yalla%20babe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=682&pdt=31&dns=0&rrt=0&srt=417&tcp=34&dit=577&clt=635&_gst=687&_gbt=784&_u=YGBAgEABBAAAAE~&jid=&gjid=&cid=1960246559.1640983469&tid=UA-183922262-1&_gid=1291868118.1640983469&did=BwiEti&z=1932049015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 05:18:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55564
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pageView
app.yeps.io/widget/
1 KB
2 KB
Fetch
General
Full URL
https://app.yeps.io/widget/pageView
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:19d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43ac076b7748a5b57b5c81e86748f95f53213d28ec9846cd48f07269fad95f5
Security Headers
Name Value
Content-Security-Policy default-src https://app.yeps.io/ 'self'; script-src https://app.yeps.io/ 'self' https://*.google-analytics.com https://*.facebook.com https://vk.com https://login.vk.com https://*.pinterest.com https://*.linkedin.com https://checkout.stripe.com https://call.chatra.io https://chat.chatra.io http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io unsafe-eval unsafe-inline; child-src 'self' https://chat.chatra.io https://checkout.stripe.com; img-src https://app.yeps.io/ 'self' https://*.stripe.com https://*.google-analytics.com https://*.doubleclick.net https://cdn.shopify.com https://widget.yeps.io data: blob: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; connect-src * 'self' ws://app.yeps.io/ wss://app.yeps.io/ http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; style-src https://app.yeps.io/ https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://app.yeps.io/ https://fonts.gstatic.com https://netdna.bootstrapcdn.com 'self' data: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-ancestors 'self'; frame-src https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'self' https://chat.chatra.io https://checkout.stripe.com

Request headers

Accept
application/json
Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVs2Pej93x6xzJFBfxTeMyg6YhlnSFqKcZThUrt49dJn9UcjPiKQnwQqURYHabVUzBtp8Z09%2BbYq56PiEbTJ7V2Ze6HAkecdNsYzrm8BCzoUSms1xBtjfEfBcvwncG0y4FaHOGjCPeg1og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-security-policy
default-src https://app.yeps.io/ 'self'; script-src https://app.yeps.io/ 'self' https://*.google-analytics.com https://*.facebook.com https://vk.com https://login.vk.com https://*.pinterest.com https://*.linkedin.com https://checkout.stripe.com https://call.chatra.io https://chat.chatra.io http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io unsafe-eval unsafe-inline; child-src 'self' https://chat.chatra.io https://checkout.stripe.com; img-src https://app.yeps.io/ 'self' https://*.stripe.com https://*.google-analytics.com https://*.doubleclick.net https://cdn.shopify.com https://widget.yeps.io data: blob: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; connect-src * 'self' ws://app.yeps.io/ wss://app.yeps.io/ http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; style-src https://app.yeps.io/ https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://app.yeps.io/ https://fonts.gstatic.com https://netdna.bootstrapcdn.com 'self' data: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-ancestors 'self'; frame-src https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'self' https://chat.chatra.io https://checkout.stripe.com
cf-ray
6c6658978edf4bcb-YUL
access-control-allow-headers
Content-Type, Content-Length, X-Requested-With
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
ct.pinterest.com/user/
520 B
855 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2612381499591&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1640983468711
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.ac19df17.1640983468.52ef7
x-envoy-upstream-service-time
1
x-pinterest-rid
1553109207535098
pin-unauth
dWlkPVpUVTRPR1JoTURVdE5HVmxaaTAwTVRka0xXRTRNemd0TVRGbU16Um1PV0pqT1dWaw
access-control-allow-origin
https://au.yallababe.ca
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
375
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
331 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2612381499591&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fau.yallababe.ca%2Flogin.php%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1640983468712
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ac19df17.1640983468.52efe
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
8884991747585903
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
576 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2612381499591&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fau.yallababe.ca%2Flogin.php%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1640983468713
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ac19df17.1640983468.52ef9
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
5
content-length
35
x-pinterest-rid
7012013353340526
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=992326221373058&ev=PageView&dl=https%3A%2F%2Fau.yallababe.ca%2Flogin.php&rl=&if=false&ts=1640983468734&sw=1600&sh=1200&v=2.9.48&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1640983468732.431679991&it=1640983468583&coo=false&eid=123c9c91-46F5-4F98-A92E-35BC5D58D136&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 31 Dec 2021 20:44:28 GMT
pixel
analytics.tiktok.com/api/v2/
0
566 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C123L38JQ4BPD6C9VMF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.36 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202112312044280101130061531DEEB0F1
x-cache
TCP_MISS from a23-40-19-36.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.40.19.36
x-tt-trace-host
011d75c5713d58c1adecca8b0192aa4904d277dce1aebeca6522f88a835f678344b55d087dc36347a02e5612ac7cf8737b43317febd759a974e155c4d0bbefe2aa00f7a8ddf85b9b0bc734f8a0dff93f48f8cddcba50805b72fd181977bbc82226
server-timing
inner; dur=8, cdn-cache; desc=MISS, edge; dur=1, origin; dur=16
x-akamai-request-id
419a30dd
content-length
0
expires
Fri, 31 Dec 2021 20:44:28 GMT
pixel
analytics.tiktok.com/api/v2/
0
565 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C123L38JQ4BPD6C9VMF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.36 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2021123120442801011300613608F199B0
x-cache
TCP_MISS from a23-40-19-36.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.40.19.36
x-tt-trace-host
011d75c5713d58c1adecca8b0192aa4904d277dce1aebeca6522f88a835f678344b55d087dc36347a02e5612ac7cf8737b33d940edf66503baac5d1e106e50dcb7dfc0b3552030a27b11e732703c78b8d52aa3261e445c7f52bbe1dc547c80d864
server-timing
inner; dur=9, cdn-cache; desc=MISS, edge; dur=0, origin; dur=18
x-akamai-request-id
419a30de
content-length
0
expires
Fri, 31 Dec 2021 20:44:28 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-183922262-1&cid=1960246559.1640983469&jid=160924641&_u=YGBAgEABBAAAAE~&z=72723534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
501 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-183922262-1&cid=1960246559.1640983469&jid=160924641&_u=YGBAgEABBAAAAE~&z=72723534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
makeup_and_more_62e91ecc-6516-4498-80c9-d08e0a998ebd_1728x.jpg
cdn.shopify.com/s/files/1/0473/0830/8632/files/
39 KB
39 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0473/0830/8632/files/makeup_and_more_62e91ecc-6516-4498-80c9-d08e0a998ebd_1728x.jpg?v=1622735124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-yul12830-YUL /
Resource Hash
3d2927f880c97bdb38866d01844a2853d8fccfe4f9ba30b385493b1fd0bb9517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, HIT
server-timing
cdn;dur=1.275,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length
39557
x-xss-protection
1; mode=block
x-request-id
95885ad0b2bba60cadcffef7ef11ee60
x-served-by
cache-lga13620-LGA, cache-yul12830-YUL
server
cache-yul12830-YUL
x-timer
S1640983469.764171,VS0,VE1
date
Fri, 31 Dec 2021 20:44:28 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0473/0830/8632/files/makeup_and_more_62e91ecc-6516-4498-80c9-d08e0a998ebd_1728x.jpg>; rel="canonical"
x-cache-hits
1, 1
/
ct.pinterest.com/md/
0
273 B
XHR
General
Full URL
https://ct.pinterest.com/md/
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ac19df17.1640983468.52f5a
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
7753362544391260
expires
Sat, 01 Jan 2000 00:00:00 GMT
ct.html
www.pinterest.ca/ Frame CE42
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.ca/ct.html
413 B
4 KB
Document
General
Full URL
https://www.pinterest.ca/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab1a0291069b529c85d0b675702be0a774e72ab54607cb5e26e6de5ff56d1fef
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-f5ab0a97ca7b31ac70855c4a396d843c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1743870590139423; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-f5ab0a97ca7b31ac70855c4a396d843c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1743870590139423; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-f5ab0a97ca7b31ac70855c4a396d843c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
106
pinterest-generated-by
coreapp-webapp-prod-0a03b21c
content-encoding
gzip
pinterest-version
f2bf91b
referrer-policy
origin
x-pinterest-rid
1743870590139423
date
Fri, 31 Dec 2021 20:44:29 GMT
content-length
280
akamai-grn
0.ac19df17.1640983468.52f9f
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.ca/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
116
pinterest-generated-by
coreapp-webapp-prod-0a0399e4
content-encoding
gzip
pinterest-version
f2bf91b
referrer-policy
origin
x-pinterest-rid
4033888667566870
date
Fri, 31 Dec 2021 20:44:28 GMT
akamai-grn
0.ac19df17.1640983468.52f24
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
17516929.js
bat.bing.com/p/action/
0
111 B
Script
General
Full URL
https://bat.bing.com/p/action/17516929.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 31 Dec 2021 20:44:28 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 729E3F9633AA4200A80C241775BF132A Ref B: YMQ01EDGE0613 Ref C: 2021-12-31T20:44:28Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
151 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17516929&Ver=2&mid=9490d89b-4b23-43cb-bb86-948defe835cf&sid=72eeeeb06a7a11ec9c58f7cfab39ad8e&vid=72ef15f06a7a11eca422f392db995b03&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=404%20Not%20Found%20%E2%80%93%20yalla%20babe&p=https%3A%2F%2Fau.yallababe.ca%2Flogin.php&r=&lt=684&evt=pageLoad&msclkid=N&sv=1&rn=410817
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 20:44:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5487D29812A04C4EA840768F09D59E41 Ref B: YMQ01EDGE0613 Ref C: 2021-12-31T20:44:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6841
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
/
www.pinterest.ca/_/_/csp_report/ Frame CE42
0
4 KB
Other
General
Full URL
https://www.pinterest.ca/_/_/csp_report/?rid=1743870590139423
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4d98d449d6b348ca77b32925b96bfa0a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1384584090112936; frame-ancestors 'self' , script-src 'nonce-4d98d449d6b348ca77b32925b96bfa0a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1384584090112936
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4d98d449d6b348ca77b32925b96bfa0a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1384584090112936; frame-ancestors 'self' , script-src 'nonce-4d98d449d6b348ca77b32925b96bfa0a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1384584090112936
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ac19df17.1640983469.53010
content-security-policy-report-only
script-src 'nonce-4d98d449d6b348ca77b32925b96bfa0a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
27
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1384584090112936
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
f2bf91b
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 31 Dec 2021 20:44:29 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03a40c
/
www.pinterest.ca/_/_/csp_report/ Frame CE42
0
4 KB
Other
General
Full URL
https://www.pinterest.ca/_/_/csp_report/?reportonly
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-15902e7c06a2094f0a8106846397c85d' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1011771855297103; frame-ancestors 'self' , script-src 'nonce-15902e7c06a2094f0a8106846397c85d' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1011771855297103
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-15902e7c06a2094f0a8106846397c85d' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1011771855297103; frame-ancestors 'self' , script-src 'nonce-15902e7c06a2094f0a8106846397c85d' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1011771855297103
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ac19df17.1640983469.53011
content-security-policy-report-only
script-src 'nonce-15902e7c06a2094f0a8106846397c85d' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
25
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1011771855297103
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
f2bf91b
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 31 Dec 2021 20:44:29 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a038616
/
www.pinterest.ca/_/_/csp_report/ Frame CE42
0
4 KB
Other
General
Full URL
https://www.pinterest.ca/_/_/csp_report/?reportonly
Requested by
Host: au.yallababe.ca
URL: https://au.yallababe.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-db4b3478a9a42f39db665e54346f047a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1233556336759908; frame-ancestors 'self' , script-src 'nonce-db4b3478a9a42f39db665e54346f047a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1233556336759908
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-db4b3478a9a42f39db665e54346f047a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1233556336759908; frame-ancestors 'self' , script-src 'nonce-db4b3478a9a42f39db665e54346f047a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1233556336759908
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ac19df17.1640983469.53012
content-security-policy-report-only
script-src 'nonce-db4b3478a9a42f39db665e54346f047a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
47
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1233556336759908
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
f2bf91b
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 31 Dec 2021 20:44:29 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03b21c
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=992326221373058&ev=Microdata&dl=https%3A%2F%2Fau.yallababe.ca%2Flogin.php&rl=&if=false&ts=1640983469243&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22404%20Not%20Found%20%E2%80%93%20yalla%20babe%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22404%20Not%20Found%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fau.yallababe.ca%2F404%22%2C%22og%3Asite_name%22%3A%22yalla%20babe%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0473%2F0830%2F8632%2Ffiles%2Fmakeup_and_more_62e91ecc-6516-4498-80c9-d08e0a998ebd.jpg%3Fv%3D1622735124%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0473%2F0830%2F8632%2Ffiles%2Fmakeup_and_more_62e91ecc-6516-4498-80c9-d08e0a998ebd.jpg%3Fv%3D1622735124%22%2C%22og%3Aimage%3Awidth%22%3A%22683%22%2C%22og%3Aimage%3Aheight%22%3A%22512%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1640983468732.431679991&it=1640983468583&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://au.yallababe.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 20:44:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 31 Dec 2021 20:44:29 GMT
produce
monorail-edge.shopifysvc.com/v1/
0
476 B
Ping
General
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
251.248.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://au.yallababe.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Dec 2021 20:44:30 GMT
x-dc
gcp-us-central1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://au.yallababe.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
86925638-3fbd-494c-84c1-89ba2494b6ad

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.yalla-babe.com
URL
https://www.yalla-babe.com/cart?view=ajax&shpxid=64be670b-0f17-4234-b570-5d1af90c9bed

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| Shopify object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| gsf_conversion_data object| meta string| attr object| ShopifyAnalytics object| gaDevIds object| trekkie function| EventEmitter3 object| Events object| mobile object| tablet object| device object| desktop function| onYouTubeIframeAPIReady object| selectors object| themeInfo object| lazySizesConfig object| lazySizes function| Cookies function| PhotoSwipe function| PhotoSwipeUI_Default function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| _ object| WAU object| theme function| log function| floatToString object| __core-js_shared__ object| core object| regeneratorRuntime object| settings function| fbq function| _fbq function| ga string| GoogleAnalyticsObject function| pintrk string| TiktokAnalyticsObject object| ttq object| _visit object| BOOMR object| uetq number| visuallyReady string| YepsID string| YepsShop function| Yeps object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| initGSFTrackerJS function| generateProductIds function| generateProductItemsId function| getShopCurrency function| getShopProductData function| gsfNavigationData function| gsfCallInitiateCheckout function| gsfLoadScript function| prepareAdditionalEvent function| gsfLoadjQuery function| initGSFTracker function| initGSFTrackerJSCode function| initGSFTrackerFunction object| dataLayer object| VK boolean| __yepsGoogleTranslateFix undefined| $ undefined| jQuery function| gsf_jQuery function| UET function| UET_init function| UET_push object| ueto_e1d61a0730

27 Cookies

Domain/Path Name / Value
au.yallababe.ca/ Name: cart
Value: f774ca7a623ac125d85255832d26329b
au.yallababe.ca/ Name: cart_ts
Value: 1640983467
au.yallababe.ca/ Name: localization
Value: AU
au.yallababe.ca/ Name: cart_currency
Value: AUD
au.yallababe.ca/ Name: cart_sig
Value: bdcc4bf1f3e2c6ead494a8f9c0f248ba
au.yallababe.ca/ Name: secure_customer_sig
Value:
au.yallababe.ca/ Name: cart_ver
Value: gcp-us-central1%3A1
.yallababe.ca/ Name: _y
Value: 46eff62a-22a9-4615-b366-5c560fca8595
.yallababe.ca/ Name: _s
Value: 35d0c6e0-f1c5-4d25-a0a0-08a5e879b120
.yallababe.ca/ Name: _shopify_y
Value: 46eff62a-22a9-4615-b366-5c560fca8595
.yallababe.ca/ Name: _shopify_s
Value: 35d0c6e0-f1c5-4d25-a0a0-08a5e879b120
au.yallababe.ca/ Name: keep_alive
Value: 35d0c6e0-f1c5-4d25-a0a0-08a5e879b120
.yallababe.ca/ Name: _shopify_sa_t
Value: 2021-12-31T20%3A44%3A28.497Z
.yallababe.ca/ Name: _shopify_sa_p
Value:
au.yallababe.ca/ Name: shopify_pay_redirect
Value: pending
.yallababe.ca/ Name: _ga
Value: GA1.2.1960246559.1640983469
.yallababe.ca/ Name: _gid
Value: GA1.2.1291868118.1640983469
.yallababe.ca/ Name: _gat
Value: 1
.yallababe.ca/ Name: _fbp
Value: fb.1.1640983468732.431679991
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZRVzRNMHBkNS9pZzltb2czOWhiVjd2UWNOckRRVnlqdG9GMTgrM2NEdnRIbDRxaXUxNmhoR055SXVHcTNtaTNBOHdKT1JmQytLaFg0elRzb3NXL0o2NzYxOUFxeGgwNEtVV0FnLzk2MlE4TT0mcGlrR3VGbCthWVd5UXgzNnhFNWVuamNSUkpjPQ=="
.au.yallababe.ca/ Name: _pin_unauth
Value: dWlkPVpUVTRPR1JoTURVdE5HVmxaaTAwTVRka0xXRTRNemd0TVRGbU16Um1PV0pqT1dWaw
.facebook.com/ Name: fr
Value: 03uPkN5EXhwXeUqd1..Bhz2us...1.0.Bhz2us.
.bing.com/ Name: MUID
Value: 113ACB5098AA69523C51DA4E99916835
.bat.bing.com/ Name: MR
Value: 0
.yallababe.ca/ Name: _uetsid
Value: 72eeeeb06a7a11ec9c58f7cfab39ad8e
.yallababe.ca/ Name: _uetvid
Value: 72ef15f06a7a11eca422f392db995b03
www.pinterest.ca/ Name: _pinterest_sess
Value: TWc9PSZmS2trYVhzMGlaM3lnTHA3VDQvWWFVSGt3Mzl2SFJJbkFRN2R0SEVJSERUU2c3V3RFVndmR2lNWWFrcjkvWC9qcFlSUkFvVWc1MDVjcjFiQUx5SE1TUFpJZVhhQkh2cTJFd2pBRTRJRXl2aTRCKzJ2SmNTUm52MlpqZG1OT3ltZyZSQWRxZWRNdS9jL1FUUmhGTnVTazZBQ0NaSnc9

5 Console Messages

Source Level URL
Text
network error URL: https://au.yallababe.ca/login.php
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://au.yallababe.ca/login.php
Message:
Access to fetch at 'https://www.yalla-babe.com/cart?view=ajax&shpxid=64be670b-0f17-4234-b570-5d1af90c9bed' (redirected from 'https://au.yallababe.ca/cart/?view=ajax') from origin 'https://au.yallababe.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.yalla-babe.com/cart?view=ajax&shpxid=64be670b-0f17-4234-b570-5d1af90c9bed
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-f5ab0a97ca7b31ac70855c4a396d843c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=82df738e-3342-495c-affa-417a207afdb1
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=82df738e-3342-495c-affa-417a207afdb1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tiktok.com
app.yeps.io
au.yallababe.ca
bat.bing.com
cdn.shopify.com
cleancanvas-app-sizechart.s3.amazonaws.com
connect.facebook.net
ct.pinterest.com
fonts.shopifycdn.com
monorail-edge.shopifysvc.com
s.pinimg.com
shop.app
stats.g.doubleclick.net
storage.googleapis.com
widget.yeps.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.pinterest.ca
www.pinterest.com
www.yalla-babe.com
www.yalla-babe.com
104.198.248.251
23.208.216.207
23.227.38.33
23.227.38.74
23.49.248.36
2600:1400:d:499::1931
2606:4700:3032::6815:19d7
2607:f8b0:4006:80f::2010
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::200e
2607:f8b0:4023:1404::9b
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::268
2a04:4e42:600::268
52.217.199.81
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
0bf9d619d7dd490cca58e629b1e07a5c58ce53e8413b4dee09d5a60d76815cc0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1456523c7e7c21079eeb250d911325b91ad34a17376cb83987ff2d5ad5731061
1e4fd7cef5f44d69d6acb6cd481017b5fcebf3a2a264476518ed2ce240401c9a
24e1f6458d672c9e581b93b626d0e4cbaf991e8f29bba87e4cb7115a74dad406
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b390fdd116ad81914b76e8c7b14d0c37c00f525ef0bf8ad71597125687df78d
3c738d9156feb2668364404467b15b7dc11d8bfb8a9e1054df3dff9763f6ebfe
3ce09b92aa9e8aa62033574e4592ba35ffd7faf242fb48e9c368b0c058634134
3d2927f880c97bdb38866d01844a2853d8fccfe4f9ba30b385493b1fd0bb9517
50666ad78372d197618e1fad6b92fcaa1236abbf5d06ec1ed40411b586dafbfa
5177bced2fd29da36a5f0384971aeb342138edfcf00ec6a91e65dd8381604881
53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
731d2de2bbddc41a1bc026863710d597156cec734905604383a9971ccca3e991
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
90bd855f92aec63cef7a79cd868ffc8b0923a4eded158336fc3eb213fbe90166
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9fb5d886979a22a55771fdf4a5888310abec9dd235a420d1659827a5708284a2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab1a0291069b529c85d0b675702be0a774e72ab54607cb5e26e6de5ff56d1fef
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c43ac076b7748a5b57b5c81e86748f95f53213d28ec9846cd48f07269fad95f5
c70c1f106cfb40d2af11988a3f8938024da06fbfd5f1b8c6b4b0e7ce7f7ab562
cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6a21ee6601e1e2b04ba353ee586eab24eb5ef0a50c65985c9b24814d7b30db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3c441a0372df72067576297682688081310a88a8de34b480bd2246cc8afbb
f0269f51738ef2e4df976935b9316569f8c76205314959693851acf3d1afd247
f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840
fe1cd48d519e718b98f709c5bb442b82d2305ff4444ec5cc143174a937b3f6f3
fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f