www.yalla-shoots.com Open in urlscan Pro
2606:4700:3033::ac43:9fd4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.yalla-shoots.com/
Submission: On August 25 via manual (August 25th 2022, 12:44:40 pm UTC) from MA — Scanned from US

Summary HTTP 159 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 23 domains to perform 159 HTTP transactions. The main IP is 2606:4700:3033::ac43:9fd4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yalla-shoots.com. The Cisco Umbrella rank of the primary domain is 890568.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2022. Valid for: a year.

This is the only time www.yalla-shoots.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3033::ac43:9fd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
4	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
4	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
28	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
4	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
6	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	74.119.119.137 74.119.119.137	19750 (AS-CRITEO) (AS-CRITEO)
7	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
1 4	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
10	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
1 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:445... 2600:1f18:445b:901:2381:73a:21ec:8981	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.80.54.203 54.80.54.203	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:23c... 2600:9000:23cb:7400:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
159	25

15 2606:4700:3033::ac43:9fd4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.yalla-shoots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:81c::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81e::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:822::2001 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:807::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2004 (Perth Amboy, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:445b:901:2381:73a:21ec:8981 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.80.54.203 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-54-203.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:7400:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	criteo.net static.criteo.net — Cisco Umbrella Rank: 655 pix.us.criteo.net — Cisco Umbrella Rank: 2272 csm.us.criteo.net — Cisco Umbrella Rank: 2215	334 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	344 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	95 KB
15	yalla-shoots.com www.yalla-shoots.com — Cisco Umbrella Rank: 890568	244 KB
12	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5419 ads.us.criteo.com — Cisco Umbrella Rank: 2156 cat.va.us.criteo.com — Cisco Umbrella Rank: 2686	175 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	4 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	216 KB
4	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 1517	1 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	20 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 3586	922 B
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1414	593 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 327	1023 B
2	pubmatic.com 1 redirects image6.pubmatic.com — Cisco Umbrella Rank: 634	788 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1072	927 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 588	737 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	703 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	42 KB
1	demand.supply live.demand.supply — Cisco Umbrella Rank: 35713
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
159	23

	Domain	Requested by
28	static.criteo.net	ads.us.criteo.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	www.yalla-shoots.com	www.yalla-shoots.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.yalla-shoots.com
13	pagead2.googlesyndication.com	www.yalla-shoots.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	cm.g.doubleclick.net	googleads.g.doubleclick.net www.yalla-shoots.com
7	csm.us.criteo.net	ads.us.criteo.com
7	pix.us.criteo.net	ads.us.criteo.com
6	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	rtb.openx.net	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	cdnjs.cloudflare.com	ads.us.criteo.com
4	cat.va.us.criteo.com	ads.us.criteo.com
4	ads.us.criteo.com	googleads.g.doubleclick.net
4	rtb.va.us.criteo.com	googleads.g.doubleclick.net www.yalla-shoots.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	cc.adingo.jp	2 redirects
2	ag.innovid.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	1 redirects googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.yalla-shoots.com
1	live.demand.supply	www.yalla-shoots.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
159	31

This site contains links to these domains. Also see Links.

Domain
albaadani.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-29`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-05` - `2022-10-30`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-28` - `2022-10-22`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-23` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.yalla-shoots.com/
Frame ID: 3C4F1000AB9FAB6B47D2AF314DAF1653
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 0D6CF36361C61660D2FB39A465A377DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&adk=1812271804&adf=3025194257&lmt=1661431475&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475016&bpp=6&bdt=198&idt=191&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3147178449308&frm=20&pv=2&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: EB50431A799CF0E5A07BB03F77E1DA26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=2181667279&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475022&bpp=3&bdt=204&idt=219&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B6xAmW0b66&p=https%3A//www.yalla-shoots.com&dtd=227
Frame ID: 33DED1676D8010B8C3ADF5C6B9E865C5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243
Frame ID: AE4079CCCF81A5A4EB2902214FBB2876
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAEeAIFKOz-AAZqxt2SIAfas9Pezgwixg&u=%7C6d8pNgmy9mG5EXm4TlkAfRqjW%2Fad9F%2F%2BFo%2BMUxih%2BEk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3YMD9Vj1vhR9mcgK6JeHvCgOlZiA2exYrLF38ll_kQUJFZG00U_OA0drj-3YIxEHHtu9MAnmSw_QSan4SDsIJcGfEDGlrX24_SrHBHliH3wbQj1kp22bg5joADTXnltGrtw3_mBeAcf588l_Mh96HkqnV3_k59cPxM9nqXaYiUK8j47lJ9KiU0QIw4u6uShcKsZgQ12g4nGyxFIIbN_xbBeU4N5c4gmerd-CdU0U8wMvlLFHh9ohmIlcOo8h3WI1reLkg3fe7ifThz9Vq02YLaRBbgCwHv1JDIz5ctEnpU7DPNnuLmmlwXPtryi2vTt-d8tZRTj7PEJ89Ojkgpp90WbiEL2sb_AzZtmxzAqcE3YwNcv_kmhKpESDkk8i2AfolfAeu2yjGn-9CyTvkvTjxtULDmylsfdCgGmt3XS4ZUvGkNJROkqicQiOwUtwCb-SE3Lc5mreRX3GI0OwoIeQFJCDGrHPdeNvvbSOWMg7Qnc3Fp0rOgY9uNKKLVgr6xJ-2p_K8u5zRz-e7_stC0xFbj5BxdaJZ2lQR8JKZxz1s9v_MGmJJWL41TP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyqrQs24HY4LwEf7Zo9kPxtWZkA2cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9CGs05uVw5gJ_afPbGbXbO-L_RQzYjTmHq_4tzJXkvO_ME3_hI7bSpZWB-Nsn10hvnAmXLhtEJm_fPE0mKx-vtBYHwnRLf6XLn1S_kkUDHYxbDCUPVIgpZufwiTG9la00sGC5KOzULp7FcLdQbNaIgVWY8gXwQoWiU9kFli57sHCvEjWuV7M341kaoYlP9n-CNZx4SfzTs71K_qbG7su5po13-0JZWLBFdu7icQRBqCT2Xg1rwLfrs5xZZZhPitYxc4lXbDZBqABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16s_FHNTRxboIi-8PTkOa8pl8HwA%26client%3Dca-pub-2158299410801748%26adurl%3D
Frame ID: D999D4F1F952E4718A1AF4EC01D4358C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3419509487~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&to=qs&pwprc=5927516270&psa=0&format=1200x90&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475787&bpp=1&bdt=969&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a9f26edc91fcda6-227b6e1c4ad6002a%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ&gpic=UID%3D00000799e8033ab6%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA&prev_fmts=0x0%2C1100x280%2C1100x280&nras=2&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cZvK0dJ1H1&p=https%3A//www.yalla-shoots.com&dtd=11
Frame ID: 4C8BA9A347E36D7B6C5A0F21636E65F8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 085BFF59E7E68DA5286A317CD33BDDD6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8EF19DDF334433A0E5A0A17E0D16CF02
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAEMtsIaAsqAAXL8dQsUURdmCwZI8VvrA&u=%7C6d8pNgmy9mF9%2FYGZcq74cX4jTWt8ZuXM%2F6EmeIo20Zk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3akTBMFdgR12ifQ06VNKUtriN0TUr4M9Kh-rseJCRPHPH8yRCdMP3EOjne-1-ymudJ223PNACbQGYUZ0YNso8kx7lrdX5-4ncUta7pKMnG5RXs7U7Oqc0vNNBFj60ohJlRMEVpURiLEwvsbGeCHHIn6zjyuUUyxB7k-c8AH_EWllWu_V0_Mp07Vb5YpvAah5ftYIIwRKy5pMXyxhPsMLDWhpPhg-64d5J7VinqoW92-oPBMhVLEmHbyFLpsNWJc6ifSOPQ4PNzr7Czc_cyHrBaWps2OseKQIWx5q8Bfhy4VsYFgObr2DJ8Wal2g1i4i8F7hcEofHliZk_32vc6pHP3E_0YrC_ixZl6HcdqvncNE_OW7CEdw4oh1nnGyC0J6njBpzddmzF761VbgHYtxdjorThLOIfyLughA2-viWRBbUxS2d0KYJ1QnzV5xWrmsWkqF2kApsu4Zse3GNKWdvL4VzlfLEy_APDhD9yibsd9hgTm_1tjXoGXUTWDS5sJuTkddNhvIcOHyOljBTpAPqcLx5tfpwYVCSCjQibtsMfWgUUicb0FR4Spw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqrjxs24HY9vlEKqWoPMP8ZeXEJyB77BciqKWpLQBwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9A_PhzN4URa_l4NCm1P2iPvX3fspm7Xm2raj0OWpjsKfT8k0-uSw2564n0zxEosOVr6cls3efEERojSow2EB1QkdmdWq50x1DBFXbV7DVRZnmo6X900vmIoL1bGKRYfZ8hJ6LFIDVlhUOW4jf-IQKLmxhXFmSEKTiDkRVzmxcdAJtZDPY7IhiK2GMD_zG3G0lKb998D4jQop5JqauwHQy_AltaQDX9B4F1ujJkk6oG19sUqEXFqFKmdxpy8AdLVH5Er8ocpm1qABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DTfx7QhCw5OLrbK2gDTVX4hMtGw%26client%3Dca-pub-2158299410801748%26adurl%3D
Frame ID: 9D79D152D1C3453C3A8A224715549D40
Requests: 16 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswALalcDihB3AAs2IJSE6uvH91unuZYupQ&u=%7C6d8pNgmy9mFHo0Is4e0LoFaofnroOeTnvzr88pC55J8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3YMD9Vj1vhR9kOormQ0FJeAcHkuGIL6tGmmVE-tD4PJxfgLfaLcUXtAI1ssbmCXGCKFLVsGZzWZd0vo8iCTCnFwcow9U0UcK9SGStQZ3TGSGZHP9mxHjfMi3M7pX8ANXUIv3lV7zhh8Ncc9JhIeipbbZ01SR07hDbvhouG0Hs45qf-c9OU8sNOLSY4ZkZb4FkQjSB1rRs2J8Ub-v2R3ksi0zASzygexfycQx1p0xKEOLv7SZi0ml97K3wfZDaGrCJn2ynulNhiN57yogHwB880LOi3PJ3m_0SYSqsddybBQ1GPJ7lCmrKWTuqF4yIl6HtsvMfCfaPqncvBUAmYVi7u9t8XKp2QpsjhQ_GZUQS2dvWmV0lRY7WmRn7okEbBxZlME2Vk45tgXppWmDv6sZcbA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPiDos24HY9fULfegqMwPoOysyAmcge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9DOwY9RYigCXtn_P72bJnMfUWlqjVwP3pD55dfKdJvojFw7TuetcaH-1qRX2XIP2dClaEOC1QusJ2iByKZG9_zigSI-dN4GHxMmyRk-PsTQ4u3tYmI99mb-Ea21L9C3-QuiSjLqcI73_JW7CH1PjbOU-oFg2Rymj55muri2kd6d5hV4P-XOhJWocQ1IAmNa87PDlZDx6PbK9kBIKA4cuUPTStwGsf4Z30VaqnbeM-zac2NcrQYUl7ryNQmLHz_tBd_XRTTZbQWABvr4hbmC4vC06QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oN8CkIwT7mp5Gh5fLIWho9AQwEg%26client%3Dca-pub-2158299410801748%26adurl%3D
Frame ID: D8EC884CE1CEC45C00C9F89603C167CE
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFFAA013E63A14C9999DF82E0ED6356F
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAMsWAFKO-1AAqvMzOsco3NeFnKxtTGIg&u=%7Cj3M40v8jsYkOV6i54mTH92A945wdvxpXLaxeQevfiRo%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3ZW26fUeL8sYoJepvu1bVkIuhJQ8dZsrVq5ztiO86aRXXTBXPctKgzSICpDa2Knbkbxor_kIj6rLAvblGVnRt2zd9gkjZW7iKyDb-I0sw-UUwXaNTS028axyuUeSmBvXBGfpJkFX9EsHtasOZUQIjwL1J1RynEXqyh-teZJ6qovwGGW5_B5HIPgIBTR9BVmeBBqwIiYg5WEUF4ukme0ws-svNJm0gIonDmKZU5y1AIyUdkCOczNbP62l4xCL8gWNoG3497_S9VFDbh0GLbSZK4UWISSXGj4mKc8N4sibAyhwgXr1qd0XzvlFn_Vp1EfkAQ66d3_nZPoENZ0sCoh6q0FZTf1VIpkWG_r11XA0kpY3J9rTknKOULuHq7Zu1Y1dbu0zVQj58fggJc7ljR68MM0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLIyss24HY-DiMrXfo9kPs96q8AScge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIxNTgyOTk0MTA4MDE3NDigAazd_ugDyAEJqAMBqgTNAU_Q15dGnUbgAN1kTYrUv511YMpgpUDnO3Lxwd2wStZI658-hbwU_3Bomfg9Kk-6EAJKApfjoZUrnkihN0x358z8RKzVRkOB_pP03co1cPtRYdOzi2l0R_aMF5b0IYi64vU5qouzCmwYwajhcF9FjuQlMsjQf1XV46Tl0kR6r-ubYkcUU6QIFj9z2Ypi6S8P7kwPCcCNOOswSQyhGJC32Ig0YSi4Hz7iXfM_dpnhc-m_56U1zhLP5SlnkP_DkmRZPgXly3chkDbKAlMffcKABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1cvoUkBALTSTLnAbtZ_eNfPG-TRQ%26client%3Dca-pub-2158299410801748%26adurl%3D
Frame ID: 7F215F7C957C743FE0D5E9348CDB53F1
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DDE57A136EF4E7F22EFBC1C64C51711
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: B447AF599A46AA386B914ADF50C83D6A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FC5B354B92E9FD73FD6A339619784F6A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 5A162B730FC326466ED33EC330462C36
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2833BB8FDDECDCA982B05AEB7DB5BBCF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1819EC67224B65A9327791E0531F2761
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلا شوت Yalla Shoot | أهم مباريات اليوم بث مباشر بدون تقطيع

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

94 %
HTTPS

66 %
IPv6

23
Domains

31
Subdomains

25
IPs

2
Countries

1561 kB
Transfer

3434 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://albaadani.com/
Title: Designed by | albaadani

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://rtb.openx.net/sync/dds?google_gid=CAESEPHEzEoPIAJOLwAmc9zs8eQ&google_cver=1&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_bBfnxceJzQ3rrSfRT_CTSblHp0exkwe5V_r8AH0mhlOEZzrR9PuR5c HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPHEzEoPIAJOLwAmc9zs8eQ&google_cver=1&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_bBfnxceJzQ3rrSfRT_CTSblHp0exkwe5V_r8AH0mhlOEZzrR9PuR5c&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_bBfnxceJzQ3rrSfRT_CTSblHp0exkwe5V_r8AH0mhlOEZzrR9PuR5c&google_hm=8Tjv48E9yc4mSuqTurFsmQ==

Request Chain 109

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEId3gIvDY8PqYH_v8sn5SPk&google_cver=1&google_push=AehlK4AfhEGOVuPiPjX4eOsT8mWPTGIt6xMJzb7dfxq5vmlpAlh2GjrsKrSyD1OmO-HcuH1FY6FRWc5IpTXY-Y_LvohVdL8Bo79NxvKoQil2DC59lAIHrVk8mfHrLfjEgReWSWoCndvORLLDdnHnMs9pnUU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEId3gIvDY8PqYH_v8sn5SPk&google_cver=1&google_push=AehlK4AfhEGOVuPiPjX4eOsT8mWPTGIt6xMJzb7dfxq5vmlpAlh2GjrsKrSyD1OmO-HcuH1FY6FRWc5IpTXY-Y_LvohVdL8Bo79NxvKoQil2DC59lAIHrVk8mfHrLfjEgReWSWoCndvORLLDdnHnMs9pnUU&rdf=1

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnvan37T9UhJ6jqfMSllkI&google_cver=1&google_push=AehlK4A5oLFG3a_MatO6YBkwPtbva7ffE3ddy2cjQ20tIxm75dUX2iPNBnk_0RJIoyzUSRR6rx7HHuIcsUnQjpgKrwj5Iau4MsYGezJhl35uKvNPoV5yFwNR2NABzCIx4Chpc5fYy2e4o27JytdvqJPHQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otSC1DTDkz&google_push=AehlK4A5oLFG3a_MatO6YBkwPtbva7ffE3ddy2cjQ20tIxm75dUX2iPNBnk_0RJIoyzUSRR6rx7HHuIcsUnQjpgKrwj5Iau4MsYGezJhl35uKvNPoV5yFwNR2NABzCIx4Chpc5fYy2e4o27JytdvqJPHQw

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_cver=1&google_push=AehlK4CJ757jCdICL2T8oBrHSYhS5rK7FcnUcYQBR_RF85buSzZmjZffGvzAQNqDrmGsRm1aLtX7Y8NpyVsgD3Lu1aZXSMD8AGp1WQmp_7eSbYoGRsMhjWEHGsa1cOmV38lPYfdhcfJahDg30XBps_IIFys HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_push=AehlK4CJ757jCdICL2T8oBrHSYhS5rK7FcnUcYQBR_RF85buSzZmjZffGvzAQNqDrmGsRm1aLtX7Y8NpyVsgD3Lu1aZXSMD8AGp1WQmp_7eSbYoGRsMhjWEHGsa1cOmV38lPYfdhcfJahDg30XBps_IIFys&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_hm=YwdutWfe4qmY0SDgrgva_wAAAc8AAAAB&google_nid=index&google_push=AehlK4CJ757jCdICL2T8oBrHSYhS5rK7FcnUcYQBR_RF85buSzZmjZffGvzAQNqDrmGsRm1aLtX7Y8NpyVsgD3Lu1aZXSMD8AGp1WQmp_7eSbYoGRsMhjWEHGsa1cOmV38lPYfdhcfJahDg30XBps_IIFys

Request Chain 113

https://cc.adingo.jp/adx/push/?google_gid=CAESEMgv9kT8SuQjqz8JWnszdWE&google_cver=1&google_push=AehlK4C86us7ukQHPDifFPEpUEMkM7MkjV-Ceo-YoQNA-z6RTlCRU6or0FmA-yXQcIdkoTGDEXU0MAQArYSfg9tA6Mrk4Ib5GNu6aV_xHvryxYdrwrQQ9F-d3Ba_cwWDV_gcpbnuwqT3VLhElxDOQKxGew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C86us7ukQHPDifFPEpUEMkM7MkjV-Ceo-YoQNA-z6RTlCRU6or0FmA-yXQcIdkoTGDEXU0MAQArYSfg9tA6Mrk4Ib5GNu6aV_xHvryxYdrwrQQ9F-d3Ba_cwWDV_gcpbnuwqT3VLhElxDOQKxGew&google_hm=6f2fa990c1e545ea49761d3a6b77e82d

Request Chain 116

https://d.agkn.com/pixel/2175/?google_gid=CAESEFB5cMZ181t1sJABvAAuGkI&google_cver=1&google_push=AehlK4C4i03lGNl5KgVrMOsiclQUiw2J4IuL2j8G0xz8AoavFiA2RGV_NsK33CsIwkEIyiyOOp8CXeFY-D4Gxyn1-FqLo91l0MpaeAkwxE1vMne9udac97xs4PI78CMLQXhsWFuNTNAsTum4-dHsnZchCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C4i03lGNl5KgVrMOsiclQUiw2J4IuL2j8G0xz8AoavFiA2RGV_NsK33CsIwkEIyiyOOp8CXeFY-D4Gxyn1-FqLo91l0MpaeAkwxE1vMne9udac97xs4PI78CMLQXhsWFuNTNAsTum4-dHsnZchCQ&google_hm=Q0FFU0VGQjVjTVoxODF0MXNKQUJ2QUF1R2tJ

Request Chain 117

https://rtb.openx.net/sync/dds?google_gid=CAESENmvUpQzPQ_GwGbREkr5tp8&google_cver=1&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIPXkNE1uBLoaaiWI9HRP7cRpnK6Sp_RlEeAfTI92iPNIvmSp1S5PAIQ4 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESENmvUpQzPQ_GwGbREkr5tp8&google_cver=1&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIPXkNE1uBLoaaiWI9HRP7cRpnK6Sp_RlEeAfTI92iPNIvmSp1S5PAIQ4&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIPXkNE1uBLoaaiWI9HRP7cRpnK6Sp_RlEeAfTI92iPNIvmSp1S5PAIQ4&google_hm=8Tjv48E9yc4mSuqTurFsmQ==

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKl5riGaRtXuID9sz7g1MTg&google_cver=1&google_push=AehlK4ClhYKM1Ob8djqEnXEjtJUMiW9DYLvWjHtZ6rGHp7BRKh_KPkVe5t-ltmP-45FrmH9-BJOb-huZIkisI6mNNLYIogqIL1dHK_w3oKwF2sd4_Cg6Wje2ld38Z-CykElIqN6YxvOT2Bo-x3MtSBj0Bfs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otVC05RjMy&google_push=AehlK4ClhYKM1Ob8djqEnXEjtJUMiW9DYLvWjHtZ6rGHp7BRKh_KPkVe5t-ltmP-45FrmH9-BJOb-huZIkisI6mNNLYIogqIL1dHK_w3oKwF2sd4_Cg6Wje2ld38Z-CykElIqN6YxvOT2Bo-x3MtSBj0Bfs

Request Chain 120

https://cc.adingo.jp/adx/push/?google_gid=CAESEBwVeY9DxWI-TlNqsUr2R88&google_cver=1&google_push=AehlK4C9wLTl26YDff9CPnSDmxhfm0xe1NjVRnZUtO1Gt0SNZyUKcLaiD8s5eQMxmS6q5KUGLrDQZYq0MRLrcVXeF_ztW25Aa0wCAvn-kpx7q4gdbFpqD3sFwtDV-CRWEy8tXSUwHRE_AwGqJ2c7O8lpng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C9wLTl26YDff9CPnSDmxhfm0xe1NjVRnZUtO1Gt0SNZyUKcLaiD8s5eQMxmS6q5KUGLrDQZYq0MRLrcVXeF_ztW25Aa0wCAvn-kpx7q4gdbFpqD3sFwtDV-CRWEy8tXSUwHRE_AwGqJ2c7O8lpng&google_hm=6c9453b753b0a667c8eb5e1f4bbf2c5d

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

159 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.yalla-shoots.com/ 56 KB
13 KB 511ms
476ms Document
text/html 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yalla-shoots.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64a93b82ff811b5d20bbb8b86292f486a9ff98423e9140af4db34a826e8d0ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74046b7aad0117ad-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 12:44:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eqwD7HvqNK7BWxBHIXLAm1X%2B3rOLRP4CW%2B3EQJnVfikN%2FJGgDJpGjkGeixP8jlescbjbHNj9SQ%2FrHA5FPlFr2gGT%2FFh4aoXfRrNxHShmF9uwq3i8nJzBA9HN83Erw4uA1Z3A3Ic6PIO3SomyaosyJ0rxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-cache: HIT

GET
H2 200 %D9%8A%D9%84%D8%A7-%D8%B4%D9%88%D8%AA-1.png
www.yalla-shoots.com/wp-content/uploads/2021/12/ 7 KB
7 KB 17ms
15ms Image
image/png 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2021/12/%D9%8A%D9%84%D8%A7-%D8%B4%D9%88%D8%AA-1.png
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700240968be03f760f89e5cdc667a54fbc66a88f820b1fcd0534fa9df9b2add3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2312599
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6930
pragma: public
last-modified: Sat, 02 Jul 2022 12:36:26 GMT
server: cloudflare
etag: "62c03bca-1b12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFPMDTCSshiBd4n6KLN6PbdStjCXhqOrIGSiDD%2Bxn6XYbhyA12LkpR6n1tc7XedBSGdhdV2MP6BMfvd5QAJikYhIXqgUL4H4eBtv9aA3M57Gw71s%2B6wI%2FGrzA12BvOWRzh0elC2r3YryEDdaab%2Byh%2BP90g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7da8d617ad-EWR
expires: Sun, 28 Aug 2022 18:21:15 GMT

GET
H2 403 up.js
live.demand.supply/ 0
0 118ms
82ms Script
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 77ms
33ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2158299410801748

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebad514e574e7fb59c15f9565eda6efdb17970993fbafe637c8b666c21a78c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Origin: https://www.yalla-shoots.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57561
x-xss-protection: 0
server: cafe
etag: 4677347534024752114
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:44:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 88ms
44ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-216576985-1

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7100c018b46774a1f126e14929fe6404d1c10c7d8564464411bf448b7d1d9e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42046
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Aug 2022 12:44:34 GMT

GET
H3 200 jquery.min.js Show response
www.yalla-shoots.com/wp-content/themes/AlbaOnlineKora/js/ 94 KB
34 KB 15ms
14ms Script
application/javascript 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yalla-shoots.com/wp-content/themes/AlbaOnlineKora/js/jquery.min.js
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ca8f6af1b7f41e3b9d39d7281be3ee848d8052832e5c5e08b5926c653e24ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130204
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 02 Jul 2022 12:40:04 GMT
server: cloudflare
etag: W/"62c03ca4-17980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YngVykPNiysT2L9AgZLk0ByZnVy6N7SIECsbTzTfSB%2Br0fL3MqMQarWLPT1%2FtAoU79fluSxQ1kq6W0OcapP92o6CP6fsaOQo1ubqlh4FP%2FwDpaQd8GXI6Ve6sMXO1hKvaWi%2Bq%2FcK0bmivAF1f8UpRcfmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 74046b7ddb671774-EWR
expires: Fri, 23 Sep 2022 00:34:30 GMT

GET
H3 200 AlbaSport.js Show response
www.yalla-shoots.com/wp-content/themes/AlbaOnlineKora/js/ 52 KB
18 KB 32ms
31ms Script
application/javascript 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yalla-shoots.com/wp-content/themes/AlbaOnlineKora/js/AlbaSport.js
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af86ded17471f1dbbfad46c3a5b3f7f93a868a604d74dd7dbf877282ae216fae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154202
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 02 Jul 2022 12:40:04 GMT
server: cloudflare
etag: W/"62c03ca4-cea6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61WEjTpSRco7fcRSI%2BSrqiswgYN64DTfuvkr%2B2J3by%2F4akvEmHlxqugQOdaxQVQcA7EOKDFREGl5JfiWJNFVk905EJTiMndaaSgd8bpjwe4CZ5RWftfPDCzXl0NknNOs1EDw7gwF%2BUueFzxZdvfDfeq1Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 74046b7ddb6e1774-EWR
expires: Thu, 22 Sep 2022 17:54:31 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 NeoSansArabic.woff
www.yalla-shoots.com/wp-content/themes/AlbaOnlineKora/fonts/ 56 KB
57 KB 25ms
24ms Font
font/woff 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yalla-shoots.com/wp-content/themes/AlbaOnlineKora/fonts/NeoSansArabic.woff

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.yalla-shoots.com/
Origin: https://www.yalla-shoots.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57364
last-modified: Sat, 02 Jul 2022 12:40:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f%2Flwz%2FI%2F15Hl3f5zHXT61bPJviS0Q1T7S7n%2Bas33jfap5JhBbY9vgY8KiIagy2le4cwQfjKQE28JAKvG7lmHSfqXH4q5VfGx94BOdXFTq1lUQylqe1%2FN8HB6VyG%2FI13Bk4%2BeW2mN18uKvQuxDDCDLEvng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74046b7deb841774-EWR

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 537183.png
www.yalla-shoots.com/wp-content/uploads/2022/08/ 24 KB
24 KB 29ms
22ms Image
image/png 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/537183.png
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdcec4290839d80b34337ba1e4c361178acd46a46c1446f94c89ea854eee35e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45863
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24203
pragma: public
last-modified: Wed, 24 Aug 2022 23:47:29 GMT
server: cloudflare
etag: "6306b891-5e8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOU5ebWvhmlNTehd2DZA92W9gVyZLftiDCP%2BnhP5ZA7J7yw9aJxplbnytlg6fapRgItKiWedBoXMiRBaVdDFW418tDChXayj0EEgjHrBekqb7h8DWAljmclB2LtDf4z1a4alguVw3rhJBm7Ocr0IebRKrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8c9a1774-EWR
expires: Sat, 24 Sep 2022 00:00:11 GMT

GET
H3 200 %D8%A7%D9%84%D9%87%D9%84%D8%A7%D9%84.png
www.yalla-shoots.com/wp-content/uploads/2021/10/ 12 KB
12 KB 51ms
45ms Image
image/png 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%87%D9%84%D8%A7%D9%84.png
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3d356f8269622a6dc1655cba39c587917a48d29f24737034ce75712bb63b15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48148
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11999
pragma: public
last-modified: Sat, 02 Jul 2022 12:36:26 GMT
server: cloudflare
etag: "62c03bca-2edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6tD04eAk%2FrsEnoscXKF%2F874w%2BBjgBVzUs3IRcxZBWqg4TkxGysidR93p2g0mlEUaYlOwqHbMP9fzuaaKd%2ByMFdGhFBn3jiKUmZSrblQzElLvvzTS5chLSXg74LKsiKx8idcVuHognQpUSKbhMgBsWt1Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8c9d1774-EWR
expires: Fri, 23 Sep 2022 23:22:06 GMT

GET
H3 200 11-22-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 9 KB
9 KB 25ms
21ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/11-22-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f3279dab94b012acc950dbf044025525a4559530207d5d9e74e894295e35137

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8814
pragma: public
last-modified: Thu, 25 Aug 2022 08:26:33 GMT
server: cloudflare
etag: "63073239-226e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f50fUciBpkm5I8HGMMo3vLRBPah1%2FGtB4IFlyw37fF%2BvZsFN21qJaMYHU7jNdsK1uffSLp3%2FdZLMnQ%2BpfNPy0ij5bQ%2FotUzXag32joSR09R%2FYVAgstpf6HIJNLV9ZHqYHdLnFUNpYNwiiXe0Cx2eWON%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8c9f1774-EWR
expires: Sat, 24 Sep 2022 08:28:26 GMT

GET
H3 200 44-7-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 9 KB
10 KB 51ms
48ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/44-7-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf462bab43547c17cb3599e4e4b20430ab3ff5566ff5f84e07144cc119201575

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9401
pragma: public
last-modified: Wed, 24 Aug 2022 11:06:22 GMT
server: cloudflare
etag: "6306062e-24b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sf6moDWoB1BtXCYfurHMjd7ofZFf9XOYRS7sA%2BtuK1k0oa%2BQyx1py%2B1VE9ZV3hgES1N%2BugpPiJCCvn0d5SJFYABDCu6bCWLhKslXLLL9yUFFaYAPOnSNLSiaH6GrzkfVyjdvTv3KYOY5fTvmyed50l4PXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8ca01774-EWR
expires: Fri, 23 Sep 2022 11:18:24 GMT

GET
H3 200 55-1-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 10 KB
11 KB 24ms
20ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/55-1-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d17e66bf2ce02165f8a7b406b12b54c9c29508009980dd9517e783c9ba236a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91028
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10217
pragma: public
last-modified: Wed, 24 Aug 2022 11:06:24 GMT
server: cloudflare
etag: "63060630-27e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYwOwIqqSH2HY1sZk8bQLGYOvwyfPKSwuM2KZ9c7jJtMTY90XPD%2FkcLw8qpsA%2B7Wc2nVZBBab%2Byy4HMoriiqf7MNQ1W7EqPgjV9vJCcfgCJoIihYwyn8r23vuQCftBRPPQCJUbWWSAwu6fZBhzhax%2BBR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8ca11774-EWR
expires: Fri, 23 Sep 2022 11:27:26 GMT

GET
H3 200 11-21-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 8 KB
9 KB 52ms
48ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/11-21-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7193e5b9fd63da115c69addde247563481cfe48637c879d292ed2857d413a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91569
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8204
pragma: public
last-modified: Wed, 24 Aug 2022 11:06:15 GMT
server: cloudflare
etag: "63060627-200c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTplpPPe4o9h49cXwehHHcq4j4wpFy3rk2zwZk9NUwJ8qwBwXkdMr3x4UZ8Yi%2BZBVFGjaWPU6oBT6oTEMk3jbeobpTlxIYqXGNWe16tgPqM%2F8PIvuTKQcx02DHKdkBa3NSOed%2BfMgP8xPQDQ3dOv%2Br6Aig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8ca21774-EWR
expires: Fri, 23 Sep 2022 11:18:25 GMT

GET
H3 200 22-17-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 9 KB
10 KB 32ms
29ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/22-17-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85674e771265b7c7cc66b902931f1c9e28225292f033b0677543ddb1907e4d83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9335
pragma: public
last-modified: Wed, 24 Aug 2022 11:06:17 GMT
server: cloudflare
etag: "63060629-2477"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMezrinz3sehlXSng0sPVYPSK3KhgkrNBG52IMztPNRnAhJm3WJVOECxjdS6yRodHDuMKlwC9Z5mq80ovW6K6D4J5sKYNfOE%2BbOwsgAjJDHwOPGxq1oGzPQp3njFi4qrzlAVW3jtegNpB9c0mOMedKfRzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8ca31774-EWR
expires: Fri, 23 Sep 2022 11:18:24 GMT

GET
H3 200 33-12-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 9 KB
10 KB 45ms
42ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/33-12-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 137993619a3a12882f44b203d2562860966e788a85798aadf6d7945269a8e79d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91569
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9160
pragma: public
last-modified: Wed, 24 Aug 2022 11:06:20 GMT
server: cloudflare
etag: "6306062c-23c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyeAmdutAqqcNa4aSMqrDnQol8g2lGznafcYcdUYUUUyne%2FJ4DNhhoOEvZzJta9b58ekj7uF%2F%2Ftl0AM9K1dPahnwDRVmZGzW5R38XKS7JD%2Bo4XukARQZkkn0igqOZ8mwIyyxBQIqk3n0pXRfSKnfPhceuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8ca51774-EWR
expires: Fri, 23 Sep 2022 11:18:25 GMT

GET
H3 200 33-11-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 10 KB
10 KB 46ms
43ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/33-11-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a8f1357bb31716815985c119c4d8ea4cb8a2fe585a008922dc6c1ef2079d9c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10087
pragma: public
last-modified: Tue, 23 Aug 2022 10:33:58 GMT
server: cloudflare
etag: "6304ad16-2767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgnXZozi1byAqq%2FIvXkg75RoRmycfVjtei%2FAB8COZ%2B9xYSUeoP%2B5BddhWQLvgqq%2BVw%2FIu1R159ygD5aLLgPcTZA8Q2iOh%2F4sp%2BCzNVW3mz4joWRtNPwDc2M1ts3c7aetJpS6Af1hDWOOhCzLPKVBg25nbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8ca61774-EWR
expires: Thu, 22 Sep 2022 10:38:02 GMT

GET
H3 200 22-16-300x171.jpg
www.yalla-shoots.com/wp-content/uploads/2022/08/ 10 KB
10 KB 52ms
49ms Image
image/jpeg 2606:4700:3033::ac43:9fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yalla-shoots.com/wp-content/uploads/2022/08/22-16-300x171.jpg
Requested by: Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 862a0032532fde6b26942f8ec9f7c50b5180f4b8297d0f02eb22b0811e6f4356

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180364
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10106
pragma: public
last-modified: Tue, 23 Aug 2022 10:33:56 GMT
server: cloudflare
etag: "6304ad14-277a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79rIgQ5ro7nluA%2F%2BfmUt4Qgy0vDkqyOwdEUBJKWk5urNggWLY%2FhWztT%2BcW2NJ72F4qthR02Y%2F1I5G9rm4hShqO0%2BTvTtfBUA6Hvayx9K3TDiYRcMlzz07koihk3D0VpJTOPV5cUNeviYbQ2JtNZYtZZISA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 74046b7e8caa1774-EWR
expires: Thu, 22 Sep 2022 10:38:30 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 341 KB
120 KB 76ms
64ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2158299410801748

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20cd1f9174202c9debe21530ce5b4003b994cf05967a141563b0e949a87dcca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122723
x-xss-protection: 0
server: cafe
etag: 8697262721062466004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:44:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 0D6C 10 KB
5 KB 25ms
6ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2158299410801748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 09:45:23 GMT
etag: 8616628553774171045
expires: Thu, 08 Sep 2022 09:45:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
4ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216576985-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6134
date: Thu, 25 Aug 2022 11:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Aug 2022 13:02:21 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 42ms
18ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=870385543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yalla-shoots.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20Yalla%20Shoot%20%7C%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1563813801&gjid=1467008627&cid=1213669314.1661431475&tid=UA-216576985-1&_gid=941990663.1661431475&_r=1&gtm=2ou8m0&z=1678072781

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yalla-shoots.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yalla-shoots.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
703 B 62ms
25ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.yalla-shoots.com&callback=_gfp_s_&client=ca-pub-2158299410801748&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

70101b6437992912b9bd530d1cac5093fc4023b225102de8f860b2fbd41e959d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 54ms
26ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yalla-shoots.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB50 179 KB
47 KB 401ms
383ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&adk=1812271804&adf=3025194257&lmt=1661431475&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475016&bpp=6&bdt=198&idt=191&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3147178449308&frm=20&pv=2&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae6317ae48a26b74b5c258a78fcaa19f0ed040386230a5ad9bb079fd5ef26a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48035
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:35 GMT
expires: Thu, 25 Aug 2022 12:44:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33DE 22 KB
10 KB 361ms
348ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=2181667279&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475022&bpp=3&bdt=204&idt=219&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B6xAmW0b66&p=https%3A//www.yalla-shoots.com&dtd=227

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f34fe7d3e261999e011e57c8bb72766afaa8238973ae30f8c1e0721679bc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9775
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:35 GMT
expires: Thu, 25 Aug 2022 12:44:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE40 26 KB
12 KB 347ms
341ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658ef0beb4f0590f53ee4085c2dff5e7d873a5b7302768359e6564cad6706402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12010
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:36 GMT
expires: Thu, 25 Aug 2022 12:44:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 33DE 3 KB
1 KB 28ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=2181667279&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475022&bpp=3&bdt=204&idt=219&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B6xAmW0b66&p=https%3A//www.yalla-shoots.com&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:42:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 33DE 17 KB
8 KB 27ms
4ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33DE 140 KB
44 KB 57ms
34ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:44:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33DE 0
0 80ms
79ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfX-ds24HY4LwEf7Zo9kPxtWZkA2cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMUBT9CGs05uVw5gJ_afPbGbXbO-L_RQzYjTmHq_4tzJXkvO_ME3_hI7bSpZWB-Nsn10hvnAmXLhtEJm_fPE0mKx-vtBYHwnRLf6XLn1S_kkUDHYxbDCUPVIgpZufwiTG9la00sGC5KOzULp7FcLdQbNaIgVWY8gXwQoWiU9kFli57sHCvEjWuV7M341kaoYlP9n-CNZx4SfzTs71K_qbG7su9hq9-0f1xyLx94DYsxqzdk1c03p-KTP5UhDTF_nmtS1ysGplbWABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIxNTgyOTk0MTA4MDE3NDgYAA&sigh=nJQ6WI3M0vg&uach_m=[UACH]&cid=CAQSGwCsnQUxqK0ODHgKFQOhKxFiQx6Pv53e-EqF7hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=2181667279&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475022&bpp=3&bdt=204&idt=219&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B6xAmW0b66&p=https%3A//www.yalla-shoots.com&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 12:44:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Aug 2022 12:44:35 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 33DE 0
0 43ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ksaHE836RMwImALiIp0XAgAAACVpKheW6bq6hm2shhCybgdju_knllBLn4wlftAAEgAA&wp=YwduswAEeAIFKOz-AAZqxt2SIAfas9Pezgwixg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 175919
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D999 133 KB
45 KB 116ms
89ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAEeAIFKOz-AAZqxt2SIAfas9Pezgwixg&u=%7C6d8pNgmy9mG5EXm4TlkAfRqjW%2Fad9F%2F%2BFo%2BMUxih%2BEk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3YMD9Vj1vhR9mcgK6JeHvCgOlZiA2exYrLF38ll_kQUJFZG00U_OA0drj-3YIxEHHtu9MAnmSw_QSan4SDsIJcGfEDGlrX24_SrHBHliH3wbQj1kp22bg5joADTXnltGrtw3_mBeAcf588l_Mh96HkqnV3_k59cPxM9nqXaYiUK8j47lJ9KiU0QIw4u6uShcKsZgQ12g4nGyxFIIbN_xbBeU4N5c4gmerd-CdU0U8wMvlLFHh9ohmIlcOo8h3WI1reLkg3fe7ifThz9Vq02YLaRBbgCwHv1JDIz5ctEnpU7DPNnuLmmlwXPtryi2vTt-d8tZRTj7PEJ89Ojkgpp90WbiEL2sb_AzZtmxzAqcE3YwNcv_kmhKpESDkk8i2AfolfAeu2yjGn-9CyTvkvTjxtULDmylsfdCgGmt3XS4ZUvGkNJROkqicQiOwUtwCb-SE3Lc5mreRX3GI0OwoIeQFJCDGrHPdeNvvbSOWMg7Qnc3Fp0rOgY9uNKKLVgr6xJ-2p_K8u5zRz-e7_stC0xFbj5BxdaJZ2lQR8JKZxz1s9v_MGmJJWL41TP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyqrQs24HY4LwEf7Zo9kPxtWZkA2cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9CGs05uVw5gJ_afPbGbXbO-L_RQzYjTmHq_4tzJXkvO_ME3_hI7bSpZWB-Nsn10hvnAmXLhtEJm_fPE0mKx-vtBYHwnRLf6XLn1S_kkUDHYxbDCUPVIgpZufwiTG9la00sGC5KOzULp7FcLdQbNaIgVWY8gXwQoWiU9kFli57sHCvEjWuV7M341kaoYlP9n-CNZx4SfzTs71K_qbG7su5po13-0JZWLBFdu7icQRBqCT2Xg1rwLfrs5xZZZhPitYxc4lXbDZBqABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16s_FHNTRxboIi-8PTkOa8pl8HwA%26client%3Dca-pub-2158299410801748%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a547ff731b962394c8425e7bbf57daf1c0306598fca26088bbf9a683a359fb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ID6t3Dp781FA3-lmgHb-074fEo0NhigQojF5yV-RembUozNnF2mXy0fiNc2e-7Ivm1kbYpTfoYrszuJVUF3fMv2sshLwCSn2DobD8KIMlUNLNI5FYiPiLO_pu-S9dpznQnTOWxSqmKYO-3NV-KgWE4kC2nkTCDWjcr_kKebJsh3LR63bI0kzDAVQnoqQUk_iu-XsdsCRNmRH_E47-fWS6mr4E1IGXOROp0_zaxtjdVa4keTqe-Utar4n1OZ5PUWBVcdWoaex5qDzYLGM"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 77809138
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 150 KB
53 KB 47ms
47ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b06e9ac9e16808847aa3e5e1187d254d3b8e188794a9763406454c778c8f63a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54614
x-xss-protection: 0
server: cafe
etag: 6177731582088805388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:44:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
24ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yalla-shoots.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C8B 25 KB
12 KB 275ms
274ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3419509487~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&to=qs&pwprc=5927516270&psa=0&format=1200x90&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475787&bpp=1&bdt=969&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a9f26edc91fcda6-227b6e1c4ad6002a%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ&gpic=UID%3D00000799e8033ab6%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA&prev_fmts=0x0%2C1100x280%2C1100x280&nras=2&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cZvK0dJ1H1&p=https%3A//www.yalla-shoots.com&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db6a9d685e2f20fa61a90ba1714c4457ee5f82fd78f558271a8e8dc67c4f90fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11758
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:36 GMT
expires: Thu, 25 Aug 2022 12:44:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 33DE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acb6e7a46010bc4fc4b99cfa2378baa398197358d62fc7b6c8b686a29a2a26f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame 085B 10 KB
4 KB 8ms
6ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 09:44:03 GMT
etag: 8616628553774171045
expires: Thu, 08 Sep 2022 09:44:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame 8EF1 10 KB
4 KB 6ms
4ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 09:44:03 GMT
etag: 8616628553774171045
expires: Thu, 08 Sep 2022 09:44:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D999 2 KB
1 KB 508ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAEeAIFKOz-AAZqxt2SIAfas9Pezgwixg&u=%7C6d8pNgmy9mG5EXm4TlkAfRqjW%2Fad9F%2F%2BFo%2BMUxih%2BEk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3YMD9Vj1vhR9mcgK6JeHvCgOlZiA2exYrLF38ll_kQUJFZG00U_OA0drj-3YIxEHHtu9MAnmSw_QSan4SDsIJcGfEDGlrX24_SrHBHliH3wbQj1kp22bg5joADTXnltGrtw3_mBeAcf588l_Mh96HkqnV3_k59cPxM9nqXaYiUK8j47lJ9KiU0QIw4u6uShcKsZgQ12g4nGyxFIIbN_xbBeU4N5c4gmerd-CdU0U8wMvlLFHh9ohmIlcOo8h3WI1reLkg3fe7ifThz9Vq02YLaRBbgCwHv1JDIz5ctEnpU7DPNnuLmmlwXPtryi2vTt-d8tZRTj7PEJ89Ojkgpp90WbiEL2sb_AzZtmxzAqcE3YwNcv_kmhKpESDkk8i2AfolfAeu2yjGn-9CyTvkvTjxtULDmylsfdCgGmt3XS4ZUvGkNJROkqicQiOwUtwCb-SE3Lc5mreRX3GI0OwoIeQFJCDGrHPdeNvvbSOWMg7Qnc3Fp0rOgY9uNKKLVgr6xJ-2p_K8u5zRz-e7_stC0xFbj5BxdaJZ2lQR8JKZxz1s9v_MGmJJWL41TP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyqrQs24HY4LwEf7Zo9kPxtWZkA2cge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9CGs05uVw5gJ_afPbGbXbO-L_RQzYjTmHq_4tzJXkvO_ME3_hI7bSpZWB-Nsn10hvnAmXLhtEJm_fPE0mKx-vtBYHwnRLf6XLn1S_kkUDHYxbDCUPVIgpZufwiTG9la00sGC5KOzULp7FcLdQbNaIgVWY8gXwQoWiU9kFli57sHCvEjWuV7M341kaoYlP9n-CNZx4SfzTs71K_qbG7su5po13-0JZWLBFdu7icQRBqCT2Xg1rwLfrs5xZZZhPitYxc4lXbDZBqABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16s_FHNTRxboIi-8PTkOa8pl8HwA%26client%3Dca-pub-2158299410801748%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D999 2 KB
1 KB 510ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D999 308 B
637 B 504ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D999 293 B
621 B 505ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D999 43 B
348 B 526ms
14ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=SsMO_FvBdOTGvdR4ijHYzFW8jgrgp-s-j_vXhrGQXzJgGPAJQKSaZg2zo-X1rT5xB8pZQ6OOXTdYUrImQJYZ4fggI2XzOm_cNANK55nJgD0JHSCBm3FzQ9vl_R2x2pNxpGLS1un4Hzdm1WVOz4JHlEFPfjdilyHK-Ya47e3VFWJqKms6BZM-_q6ov-gQFTQ29jAF7btcNHjbR7pvhzW2CllsAQ7xCabXtaU_atULGuGUiYrMAseuBbCqwRuAxfMZIykEaLxEq6gtKIhP2eDa85cSQqszl68mFEvs6qXRsaK4Te5IbSKupu5afvV9VSXrvfZVDpd9jA9KS_7bJU-fPrVt6G67yM3GdDQKl3sQFZgJCzuXEK-CzErnHv00wZ2nNPxOmXXkG_JUTu24qy3In8bYsYGu-0LbC8bg7TA8vo8G5Axz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:35 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3595957
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 085B 4 KB
1 KB 524ms
19ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 12:12:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 12:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 085B 205 B
295 B 510ms
6ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:06:39 GMT
x-content-type-options: nosniff
age: 16677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Aug 2023 08:06:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 085B 604 B
1 KB 509ms
4ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 526798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Aug 2023 10:24:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 085B 19 KB
8 KB 306ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 11:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 11:13:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8EF1 0
0 77ms
76ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYYTss24HY9vlEKqWoPMP8ZeXEJyB77BciqKWpLQBwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMUBT9A_PhzN4URa_l4NCm1P2iPvX3fspm7Xm2raj0OWpjsKfT8k0-uSw2564n0zxEosOVr6cls3efEERojSow2EB1QkdmdWq50x1DBFXbV7DVRZnmo6X900vmIoL1bGKRYfZ8hJ6LFIDVlhUOW4jf-IQKLmxhXFmSEKTiDkRVzmxcdAJtZDPY7IhiK2GMD_zG3G0lKb998D4jQop5JqauwHQ23CtkQ7__ZBI9QDAHJeY0ICyu0jP2muj1rnT1UCH_7Ntke68kSABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIxNTgyOTk0MTA4MDE3NDgYAA&sigh=1whcD0qcOpI&uach_m=[UACH]&cid=CAQSGwCsnQUxwK-ind-qGKyDO11-QauJgnhOkAPuTBgB

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 12:44:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 8EF1 0
0 12ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ksaHE836RO0HfOIinRcCAAAAN-d2hNqIAOCGbayGELNuB2Owy2rE8cecaHpyyQASAAA&wp=YwduswAEMtsIaAsqAAXL8dQsUURdmCwZI8VvrA

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 191389
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 9D79 120 KB
43 KB 74ms
74ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAEMtsIaAsqAAXL8dQsUURdmCwZI8VvrA&u=%7C6d8pNgmy9mF9%2FYGZcq74cX4jTWt8ZuXM%2F6EmeIo20Zk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3akTBMFdgR12ifQ06VNKUtriN0TUr4M9Kh-rseJCRPHPH8yRCdMP3EOjne-1-ymudJ223PNACbQGYUZ0YNso8kx7lrdX5-4ncUta7pKMnG5RXs7U7Oqc0vNNBFj60ohJlRMEVpURiLEwvsbGeCHHIn6zjyuUUyxB7k-c8AH_EWllWu_V0_Mp07Vb5YpvAah5ftYIIwRKy5pMXyxhPsMLDWhpPhg-64d5J7VinqoW92-oPBMhVLEmHbyFLpsNWJc6ifSOPQ4PNzr7Czc_cyHrBaWps2OseKQIWx5q8Bfhy4VsYFgObr2DJ8Wal2g1i4i8F7hcEofHliZk_32vc6pHP3E_0YrC_ixZl6HcdqvncNE_OW7CEdw4oh1nnGyC0J6njBpzddmzF761VbgHYtxdjorThLOIfyLughA2-viWRBbUxS2d0KYJ1QnzV5xWrmsWkqF2kApsu4Zse3GNKWdvL4VzlfLEy_APDhD9yibsd9hgTm_1tjXoGXUTWDS5sJuTkddNhvIcOHyOljBTpAPqcLx5tfpwYVCSCjQibtsMfWgUUicb0FR4Spw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqrjxs24HY9vlEKqWoPMP8ZeXEJyB77BciqKWpLQBwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9A_PhzN4URa_l4NCm1P2iPvX3fspm7Xm2raj0OWpjsKfT8k0-uSw2564n0zxEosOVr6cls3efEERojSow2EB1QkdmdWq50x1DBFXbV7DVRZnmo6X900vmIoL1bGKRYfZ8hJ6LFIDVlhUOW4jf-IQKLmxhXFmSEKTiDkRVzmxcdAJtZDPY7IhiK2GMD_zG3G0lKb998D4jQop5JqauwHQy_AltaQDX9B4F1ujJkk6oG19sUqEXFqFKmdxpy8AdLVH5Er8ocpm1qABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DTfx7QhCw5OLrbK2gDTVX4hMtGw%26client%3Dca-pub-2158299410801748%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

07f4b9b053b485a54696e258cfcae94425618c8d89a69555368bfaae6ef3e0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=iE9yTDp781FA3-lm5t3aqVnop-uTiJargYIAymKDQswgh1vwtz54rcisT7msaA5wN9cBKNOcAxfmgDXpdSITQF7DfVRY64OCqtsOrxb_UclkwtXceYxIQ6zhJfJrabL9UB-f8kdaCYPCAmUO1KCcUNtHNg0-2W66JyxegJunHiRwsmQ9mEUIRQeP0wqqiMjNdQxi81yQpEfnw5ckCiL57kxDhRSj8pRl13_n3u9MS78Jvg8AIeqC_sTY_ML6p-IMbqd1KA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 62748196
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 8EF1 3 KB
1 KB 306ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:42:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EF1 140 KB
43 KB 34ms
32ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 8EF1 17 KB
7 KB 307ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:22 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D999 12 KB
5 KB 496ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 70697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOcthbpTxDoMug8UOCBsvrhSy4hK8FqvS%2Bxh%2Bt9etbvJ28BXSrKvg3Gy88kTD%2FBJrOcaYMpYTOt0%2BFDfMitK7CnPuQJ9P3eIuB%2Foloa5Qk8O3t0NOGLcnqq3AsDsa4TVDRp28TGDlWPpTZ9ytDQVBN7M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74046b87d8b632f4-EWR
expires: Tue, 15 Aug 2023 12:44:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D999 12 KB
6 KB 471ms
15ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D999 55 KB
56 KB 489ms
38ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=42883&q=80&r=0&u=https%3A%2F%2Fklipsch.imgix.net%2Fproduct-images%2FT5-II-True-Wireless-Sport-McLaren-Edition.png%3Fauto%3Dcompress%252Cformat%26fillTransforms%3D1%26fit%3Dclip%26q%3D80%26w%3D1920&v=3&w=800&s=SUgS3UX23xjwv5fGpmFgd-_S&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

50ccee582140c4aa2ad1530837406afd7a4f38e375d510469c6c83477dd82ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29132879
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 56588
expires: Fri, 28 Jul 2023 17:12:35 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D999 85 KB
85 KB 461ms
12ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=42883&q=80&r=0&u=https%3A%2F%2Fklipsch.imgix.net%2Fproduct-images%2FT5-II-True-Wireless-Black.png%3Fauto%3Dcompress%252Cformat%26fillTransforms%3D1%26fit%3Dclip%26q%3D80%26w%3D1920&v=3&w=800&s=wd_g4tCQeJhz55hbB8Vc0vtC&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5ddf3d24115e92b23b85622cfcc2d44d77737efaf86d812c33d8fc5eda9c38fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29132886
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 86828
expires: Fri, 28 Jul 2023 17:12:42 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D999 31 KB
32 KB 484ms
35ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=42883&q=80&r=0&u=https%3A%2F%2Fklipsch.imgix.net%2Fproduct-images%2FSQUARET5WIREDV1.jpg%3Fauto%3Dcompress%252Cformat%26fillTransforms%3D1%26fit%3Dclip%26q%3D80%26w%3D1920&v=3&w=800&s=2ljnEMDnDqoFWffvQuQjhKm2&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

98c783f3e256d9302ee15d3b92526b60d0b19b14d12940261cb97080918f406c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29140549
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 32198
expires: Fri, 28 Jul 2023 19:20:26 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D999 0
128 B 458ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=ID6t3Dp781FA3-lmgHb-074fEo0NhigQojF5yV-RembUozNnF2mXy0fiNc2e-7Ivm1kbYpTfoYrszuJVUF3fMv2sshLwCSn2DobD8KIMlUNLNI5FYiPiLO_pu-S9dpznQnTOWxSqmKYO-3NV-KgWE4kC2nkTCDWjcr_kKebJsh3LR63bI0kzDAVQnoqQUk_iu-XsdsCRNmRH_E47-fWS6mr4E1IGXOROp0_zaxtjdVa4keTqe-Utar4n1OZ5PUWBVcdWoaex5qDzYLGM&sds=2&rev=82533&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:36 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D999 2 KB
1 KB 443ms
16ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D999 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame AE40 3 KB
1 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame AE40 17 KB
7 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AE40 0
0 44ms
22ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOWxHwmOJ8nniPqt0_508QgXGrj0608zYN13FU0p3czxKjIFMU4XJnMZQvkhaWBq7Ea1un7WRiL81NQsxKL6SNmOdl-w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE40 140 KB
43 KB 61ms
59ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4C8B 3 KB
1 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3419509487~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&to=qs&pwprc=5927516270&psa=0&format=1200x90&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475787&bpp=1&bdt=969&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a9f26edc91fcda6-227b6e1c4ad6002a%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ&gpic=UID%3D00000799e8033ab6%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA&prev_fmts=0x0%2C1100x280%2C1100x280&nras=2&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cZvK0dJ1H1&p=https%3A//www.yalla-shoots.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C8B 140 KB
43 KB 36ms
34ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4C8B 17 KB
7 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4C8B 0
0 23ms
22ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYzEmWkyEVbpsd9BSRSBH9iLmfm7LYT9Ro3VHwZL4bSGq13Md1H8mT36xcvXkfvXB4DyF2D_p2rU40bLWWLG3lQ1fnHA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3419509487~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&to=qs&pwprc=5927516270&psa=0&format=1200x90&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475787&bpp=1&bdt=969&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a9f26edc91fcda6-227b6e1c4ad6002a%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ&gpic=UID%3D00000799e8033ab6%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA&prev_fmts=0x0%2C1100x280%2C1100x280&nras=2&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cZvK0dJ1H1&p=https%3A//www.yalla-shoots.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE40 0
0 74ms
74ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdM0Us24HY9fULfegqMwPoOysyAmcge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMUBT9DOwY9RYigCXtn_P72bJnMfUWlqjVwP3pD55dfKdJvojFw7TuetcaH-1qRX2XIP2dClaEOC1QusJ2iByKZG9_zigSI-dN4GHxMmyRk-PsTQ4u3tYmI99mb-Ea21L9C3-QuiSjLqcI73_JW7CH1PjbOU-oFg2Rymj55muri2kd6d5hV4P-XOhJWocQ1IAmNa87PDlZDx6PbK9kBIKA4cuQHRak6tQ3cZHMw3Jp2kui9tT0tVgx7QDEmIvMA1ARP1rAlGRfeABvr4hbmC4vC06QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTU4Mjk5NDEwODAxNzQ4GAA&sigh=CyuRvtGA3u0&uach_m=[UACH]&cid=CAQSKQCsnQUxxwMHk5Su6-cAUGiTbxGu0wO4f-8e-gUC8If20iSIInz3Gug5GAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 12:44:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 notify
rtb.va.us.criteo.com/google/auction/ Frame AE40 0
0 456ms
454ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kurREM36RMwImALiIp0XAgAAACVpKheW6bq6hm2shhCzbgdj8YzFLjHgWrGlSvoAEgAA&wp=YwduswALalcDihB3AAs2IJSE6uvH91unuZYupQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D8EC 123 KB
44 KB 99ms
95ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswALalcDihB3AAs2IJSE6uvH91unuZYupQ&u=%7C6d8pNgmy9mFHo0Is4e0LoFaofnroOeTnvzr88pC55J8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3YMD9Vj1vhR9kOormQ0FJeAcHkuGIL6tGmmVE-tD4PJxfgLfaLcUXtAI1ssbmCXGCKFLVsGZzWZd0vo8iCTCnFwcow9U0UcK9SGStQZ3TGSGZHP9mxHjfMi3M7pX8ANXUIv3lV7zhh8Ncc9JhIeipbbZ01SR07hDbvhouG0Hs45qf-c9OU8sNOLSY4ZkZb4FkQjSB1rRs2J8Ub-v2R3ksi0zASzygexfycQx1p0xKEOLv7SZi0ml97K3wfZDaGrCJn2ynulNhiN57yogHwB880LOi3PJ3m_0SYSqsddybBQ1GPJ7lCmrKWTuqF4yIl6HtsvMfCfaPqncvBUAmYVi7u9t8XKp2QpsjhQ_GZUQS2dvWmV0lRY7WmRn7okEbBxZlME2Vk45tgXppWmDv6sZcbA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPiDos24HY9fULfegqMwPoOysyAmcge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9DOwY9RYigCXtn_P72bJnMfUWlqjVwP3pD55dfKdJvojFw7TuetcaH-1qRX2XIP2dClaEOC1QusJ2iByKZG9_zigSI-dN4GHxMmyRk-PsTQ4u3tYmI99mb-Ea21L9C3-QuiSjLqcI73_JW7CH1PjbOU-oFg2Rymj55muri2kd6d5hV4P-XOhJWocQ1IAmNa87PDlZDx6PbK9kBIKA4cuUPTStwGsf4Z30VaqnbeM-zac2NcrQYUl7ryNQmLHz_tBd_XRTTZbQWABvr4hbmC4vC06QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oN8CkIwT7mp5Gh5fLIWho9AQwEg%26client%3Dca-pub-2158299410801748%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06792afbd02d0d04e01dc265f10f441e237c7a134275c164381fa2b9165ff78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=sSzMHjp781FA3-lmdasanLUW-Af65LTpYn9XgMDnq_8x0YxrIeZFLAS-u4kV41LvSQL623q9Px6dTPfI0w5LigP9FHQVCGcJeeF5kZIcC33g3M6XM4o3Ja7LA_QaJQAI5u_PA0sra8PKFOSRSchVAxwp198u9tryhCMz-uw-dqcelFzikacA0NIG5Nv8_3PmHr81SbncbevDO958SaJzpgr-TZkwyYoOzeXGtXlIstRzo70ij-lIqhvmLNPYZiP3-gYV0Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 83026568
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BFFA 1 KB
749 B 6ms
4ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 09:44:03 GMT
etag: 48472445140208031
expires: Fri, 26 Aug 2022 09:44:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C8B 0
0 93ms
87ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsUPQs24HY-DiMrXfo9kPs96q8AScge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIxNTgyOTk0MTA4MDE3NDigAazd_ugDyAEJqAMBqgTKAU_Q15dGnUbgAN1kTYrUv511YMpgpUDnO3Lxwd2wStZI658-hbwU_3Bomfg9Kk-6EAJKApfjoZUrnkihN0x358z8RKzVRkOB_pP03co1cPtRYdOzi2l0R_aMF5b0IYi64vU5qouzCmwYwajhcF9FjuQlMsjQf1XV46Tl0kR6r-ubYkcUU6QIFj9z2Ypi6S8P7kwPCcCNOOswSQyhGJC32Ig0YSi4H3zgfWGUhBDhsGDSa05PR9F42QFuvucHCZcjt8xb1Vs5OeBbApCABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIxNTgyOTk0MTA4MDE3NDgYAA&sigh=HvpOLB80kkY&uach_m=[UACH]&cid=CAQSOwCsnQUxAkdkzGXdK1c2__qs3YY1FmW5KV9c0PkCYAdQgqFcDu29q4S-8ccECbW0liQVY1JyrjK1Vf-9GAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3419509487~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&to=qs&pwprc=5927516270&psa=0&format=1200x90&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475787&bpp=1&bdt=969&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a9f26edc91fcda6-227b6e1c4ad6002a%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ&gpic=UID%3D00000799e8033ab6%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA&prev_fmts=0x0%2C1100x280%2C1100x280&nras=2&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cZvK0dJ1H1&p=https%3A//www.yalla-shoots.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 12:44:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 4C8B 0
0 17ms
10ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ksaHE824MLAJWuIinRcCAAAAN-d2hNqIAOCGbayGELJuB2MASvwhWockhIttGAASAAA&wp=YwduswAMsWAFKO-1AAqvMzOsco3NeFnKxtTGIg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
server: Kestrel
server-processing-duration-in-ticks: 186049
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 7F21 114 KB
42 KB 84ms
80ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAMsWAFKO-1AAqvMzOsco3NeFnKxtTGIg&u=%7Cj3M40v8jsYkOV6i54mTH92A945wdvxpXLaxeQevfiRo%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3ZW26fUeL8sYoJepvu1bVkIuhJQ8dZsrVq5ztiO86aRXXTBXPctKgzSICpDa2Knbkbxor_kIj6rLAvblGVnRt2zd9gkjZW7iKyDb-I0sw-UUwXaNTS028axyuUeSmBvXBGfpJkFX9EsHtasOZUQIjwL1J1RynEXqyh-teZJ6qovwGGW5_B5HIPgIBTR9BVmeBBqwIiYg5WEUF4ukme0ws-svNJm0gIonDmKZU5y1AIyUdkCOczNbP62l4xCL8gWNoG3497_S9VFDbh0GLbSZK4UWISSXGj4mKc8N4sibAyhwgXr1qd0XzvlFn_Vp1EfkAQ66d3_nZPoENZ0sCoh6q0FZTf1VIpkWG_r11XA0kpY3J9rTknKOULuHq7Zu1Y1dbu0zVQj58fggJc7ljR68MM0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLIyss24HY-DiMrXfo9kPs96q8AScge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIxNTgyOTk0MTA4MDE3NDigAazd_ugDyAEJqAMBqgTNAU_Q15dGnUbgAN1kTYrUv511YMpgpUDnO3Lxwd2wStZI658-hbwU_3Bomfg9Kk-6EAJKApfjoZUrnkihN0x358z8RKzVRkOB_pP03co1cPtRYdOzi2l0R_aMF5b0IYi64vU5qouzCmwYwajhcF9FjuQlMsjQf1XV46Tl0kR6r-ubYkcUU6QIFj9z2Ypi6S8P7kwPCcCNOOswSQyhGJC32Ig0YSi4Hz7iXfM_dpnhc-m_56U1zhLP5SlnkP_DkmRZPgXly3chkDbKAlMffcKABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1cvoUkBALTSTLnAbtZ_eNfPG-TRQ%26client%3Dca-pub-2158299410801748%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

601dd867c169dc90bd4075f82f80e6e26faf26742e8b01557b0059e67b19f647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=tA13HTp781FA3-lm3GxN23MXAIDFG8k7G2PLjysi3whB7y_l-QGzoUcW3yyUEORza2T5HZt_5i70nY9dEfmjpbpDjtOKozdWBmGa4a-d6D2qI1u7t-XjnTKxAHEoVSSIStxj6R-2JKqnS-USw9jwI8OEWePIzjNfcFsPQnD1hrC8P4IL4vne_OcZXxWfmjzfnJVPqCcmRim9hnOK2U3J-_K-74ZP05S-RZdPNTUHCzao5_mn_K0GF2ltUaG64eGv-IV__A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63400716
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9DDE 1 KB
749 B 6ms
4ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 09:44:03 GMT
etag: 48472445140208031
expires: Fri, 26 Aug 2022 09:44:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9D79 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAEMtsIaAsqAAXL8dQsUURdmCwZI8VvrA&u=%7C6d8pNgmy9mF9%2FYGZcq74cX4jTWt8ZuXM%2F6EmeIo20Zk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3akTBMFdgR12ifQ06VNKUtriN0TUr4M9Kh-rseJCRPHPH8yRCdMP3EOjne-1-ymudJ223PNACbQGYUZ0YNso8kx7lrdX5-4ncUta7pKMnG5RXs7U7Oqc0vNNBFj60ohJlRMEVpURiLEwvsbGeCHHIn6zjyuUUyxB7k-c8AH_EWllWu_V0_Mp07Vb5YpvAah5ftYIIwRKy5pMXyxhPsMLDWhpPhg-64d5J7VinqoW92-oPBMhVLEmHbyFLpsNWJc6ifSOPQ4PNzr7Czc_cyHrBaWps2OseKQIWx5q8Bfhy4VsYFgObr2DJ8Wal2g1i4i8F7hcEofHliZk_32vc6pHP3E_0YrC_ixZl6HcdqvncNE_OW7CEdw4oh1nnGyC0J6njBpzddmzF761VbgHYtxdjorThLOIfyLughA2-viWRBbUxS2d0KYJ1QnzV5xWrmsWkqF2kApsu4Zse3GNKWdvL4VzlfLEy_APDhD9yibsd9hgTm_1tjXoGXUTWDS5sJuTkddNhvIcOHyOljBTpAPqcLx5tfpwYVCSCjQibtsMfWgUUicb0FR4Spw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqrjxs24HY9vlEKqWoPMP8ZeXEJyB77BciqKWpLQBwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9A_PhzN4URa_l4NCm1P2iPvX3fspm7Xm2raj0OWpjsKfT8k0-uSw2564n0zxEosOVr6cls3efEERojSow2EB1QkdmdWq50x1DBFXbV7DVRZnmo6X900vmIoL1bGKRYfZ8hJ6LFIDVlhUOW4jf-IQKLmxhXFmSEKTiDkRVzmxcdAJtZDPY7IhiK2GMD_zG3G0lKb998D4jQop5JqauwHQy_AltaQDX9B4F1ujJkk6oG19sUqEXFqFKmdxpy8AdLVH5Er8ocpm1qABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DTfx7QhCw5OLrbK2gDTVX4hMtGw%26client%3Dca-pub-2158299410801748%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9D79 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9D79 308 B
636 B 10ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9D79 293 B
621 B 12ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 9D79 43 B
347 B 20ms
18ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Z0BP2ENh8Y4H2r2KQpcxIjLQ61VXlEn7Va9EQ5KlLxBR-MbdSAgoWE49_9jQ5SVBuAlaAkoOG4zmp5Ikl-EVEW3g9XlHhIkwXgPq5EPE8Qw3exEIAyX8f7ohPZ3eTuSLZiwW7JEIowAii2bNiIuYof4hLzliA2zRrm0NnGrI_IlJfjr3IpIG1gEUyFMH99RQynflwBMd_bFRt8AvtJB7ogJKMiJNmlK-VCjEQlAl_MVPgcnhmgZoSSY86M6vVU1tY2z8TKwMBYoHk6xWyMLRmjV0lb5xIXbnUDBCo8aQw-RuFf96yOUQxU5iA7nQWlB_5XyfOrclbWaDytHSB9DrN_nfFrh_uRqwa3VTxln4yfCFuhTzTlCaAwOtcxIZFwUzlNJYD5URPQfjDwOpnpAwyJmVzyeeVozB8QGW1nlcEwXOd-JX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:36 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3230095
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8EF1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 034912404fc1f78616c21e7eefa8ec71e0fc7314b358c01c16f1c83624ddf22b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9D79 12 KB
5 KB 42ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 60277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNjlR7DvNOXWVnv7ffEUrmZyV2TyYNYDBa%2FAtkpYnemS3MEZ4dEg5B2jkFhCr31PK5z84I8LrDRw3AMFyi3X8QOn8B6Sg8WQkiGYNuzk%2FEvXkEvzFeM7H0WuGtJMjBvNjRnmCB9vQNWjrW4AhE4EGU1s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74046b89085c1839-EWR
expires: Tue, 15 Aug 2023 12:44:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9D79 12 KB
6 KB 20ms
19ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B447 4 KB
814 B 39ms
20ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 12:24:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 12:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B447 2 KB
902 B 6ms
5ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:27:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame B447 23 KB
9 KB 12ms
11ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B447 3 KB
1 KB 13ms
10ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B447 140 KB
43 KB 43ms
40ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B447 17 KB
7 KB 13ms
8ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:40:22 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame B447 33 KB
13 KB 22ms
5ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 12:34:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D999 2 KB
523 B 29ms
21ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 10:50:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 12:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9D79 3 KB
4 KB 10ms
10ms Image
image/png 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=42883&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F42883%2F170915%2F839b854bef064647b200344ad4406140_klipsch_logo_plain_black.png&v=3&w=196&s=r0a3xFWWAV5s2M7Z-TrSw1y-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

75fd98d40ca898d044fdd457378faa6ae43f13a912ddb9cfe55962d3ae0e7870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28322165
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3574
expires: Wed, 19 Jul 2023 08:00:42 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 9D79 34 KB
35 KB 11ms
11ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

48a33b6de7702489f83fcc49492fea2674c7ff845a9aad362e25640aafb14f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29132878
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 35314
expires: Fri, 28 Jul 2023 17:12:35 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9D79 0
127 B 11ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=iE9yTDp781FA3-lm5t3aqVnop-uTiJargYIAymKDQswgh1vwtz54rcisT7msaA5wN9cBKNOcAxfmgDXpdSITQF7DfVRY64OCqtsOrxb_UclkwtXceYxIQ6zhJfJrabL9UB-f8kdaCYPCAmUO1KCcUNtHNg0-2W66JyxegJunHiRwsmQ9mEUIRQeP0wqqiMjNdQxi81yQpEfnw5ckCiL57kxDhRSj8pRl13_n3u9MS78Jvg8AIeqC_sTY_ML6p-IMbqd1KA&sds=2&rev=82533&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:36 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9D79 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9D79 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:36 GMT

GET
DATA 200
OK truncated
/ Frame AE40 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b64138df2da508fd0da38fa1fca2be0302c774e611200794c95b7d2e3ca9892

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame D999 10 KB
10 KB 787ms
4ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 21:11:56 GMT
x-content-type-options: nosniff
age: 228761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 21:11:56 GMT

GET
DATA 200
OK truncated
/ Frame 4C8B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c9ffb17479976c965f17851d3e93b59963e09715b3367adae628640002e885

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame BFFA 35 B
464 B 791ms
14ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELsiRgb6NtossnfIkyp5f3Y&google_cver=1&google_push=AehlK4AL-ldSSYWCBjrXqGSQ7hOAAlPZKt9xUzoo-_3MVQh5tubXHNrtEKc65C1ktdOw_tS7QDKui_6rYDVL5dp0fVfY-QjkRzvUwKz_TA9FZSTapc5ig-4Dx9JxVq6E4V0X91Rn-g7SpGFhH-9AbH8UM0Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFFA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPHEzEoPIAJOLwAmc9zs8eQ&google_cver=1&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_...
https://rtb.openx.net/sync/dds?google_gid=CAESEPHEzEoPIAJOLwAmc9zs8eQ&google_cver=1&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_bBfnxceJzQ3rrSfRT_CTSblHp0exkwe5V...

170 B
188 B

26ms
22ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_bBfnxceJzQ3rrSfRT_CTSblHp0exkwe5V_r8AH0mhlOEZzrR9PuR5c&google_hm=8Tjv48E9yc4mSuqTurFsmQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A1007YIRijb-gt1neMj7D5CyJeALQsFDwHQwIPCdGxT4DLDmfGiwL_XKObF2hj9DDoGhSWyKCdT18iqMy0U2aaXrTjrmMG_bBfnxceJzQ3rrSfRT_CTSblHp0exkwe5V_r8AH0mhlOEZzrR9PuR5c&google_hm=8Tjv48E9yc4mSuqTurFsmQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 109h6tsl857k6v7qche88gaiq09qdr5l

GET
H2

200

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame BFFA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
41 B

12ms
12ms

Image
text/html

8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEId3gIvDY8PqYH_v8sn5SPk&google_cver=1&google_push=AehlK4AfhEGOVuPiPjX4eOsT8mWPTGIt6xMJzb7dfxq5vmlpAlh2GjrsKrSyD1OmO-HcuH1FY6FRWc5IpTXY-Y_LvohVdL8Bo79NxvKoQil2DC59lAIHrVk8mfHrLfjEgReWSWoCndvORLLDdnHnMs9pnUU&rdf=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243
Protocol: H2
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

Redirect headers

location: /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEId3gIvDY8PqYH_v8sn5SPk&google_cver=1&google_push=AehlK4AfhEGOVuPiPjX4eOsT8mWPTGIt6xMJzb7dfxq5vmlpAlh2GjrsKrSyD1OmO-HcuH1FY6FRWc5IpTXY-Y_LvohVdL8Bo79NxvKoQil2DC59lAIHrVk8mfHrLfjEgReWSWoCndvORLLDdnHnMs9pnUU&rdf=1
date: Thu, 25 Aug 2022 12:44:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFFA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnvan37T9UhJ6jqfMSllkI&google_cver=1&google_push=AehlK4A5oLFG3a_MatO6YBkwPtbva7ffE3ddy2cjQ20tIxm75dUX2iPNBnk_0RJIoyzUSRR6rx7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otSC1DTDkz&google_push=AehlK4A5oLFG3a_MatO6YBkwPtbva7ffE3ddy2cjQ20tIxm75dUX2iPNBnk_0RJIoyzUSRR6rx7HHuIcsUnQjpgKrwj5Iau4MsYGezJhl...

170 B
188 B

38ms
24ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otSC1DTDkz&google_push=AehlK4A5oLFG3a_MatO6YBkwPtbva7ffE3ddy2cjQ20tIxm75dUX2iPNBnk_0RJIoyzUSRR6rx7HHuIcsUnQjpgKrwj5Iau4MsYGezJhl35uKvNPoV5yFwNR2NABzCIx4Chpc5fYy2e4o27JytdvqJPHQw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otSC1DTDkz&google_push=AehlK4A5oLFG3a_MatO6YBkwPtbva7ffE3ddy2cjQ20tIxm75dUX2iPNBnk_0RJIoyzUSRR6rx7HHuIcsUnQjpgKrwj5Iau4MsYGezJhl35uKvNPoV5yFwNR2NABzCIx4Chpc5fYy2e4o27JytdvqJPHQw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFFA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_hm=YwdutWfe4qmY0SDgrgva_wAAAc8AAAAB&google_nid=index&google_push=AehlK4CJ757jCdICL2T8oBrHSYhS5rK7FcnUc...

170 B
188 B

28ms
27ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_hm=YwdutWfe4qmY0SDgrgva_wAAAc8AAAAB&google_nid=index&google_push=AehlK4CJ757jCdICL2T8oBrHSYhS5rK7FcnUcYQBR_RF85buSzZmjZffGvzAQNqDrmGsRm1aLtX7Y8NpyVsgD3Lu1aZXSMD8AGp1WQmp_7eSbYoGRsMhjWEHGsa1cOmV38lPYfdhcfJahDg30XBps_IIFys

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGIpxZjZFSOYjVzHFXRRV34FMNJNdr4%2F%2BybR%2FfNF%2FTW6GvI606SnpnxzNQfn0fpDgBkeLFsUxYngfVKSOyHw4FQpZBkFGevgF0iXuQASH26O%2Fzl7fCRFUQ81Gx%2FK%2F32LFhn7MDDpdbaKaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ3Cu_4C3vpLCGbcR-Pu0nA&google_hm=YwdutWfe4qmY0SDgrgva_wAAAc8AAAAB&google_nid=index&google_push=AehlK4CJ757jCdICL2T8oBrHSYhS5rK7FcnUcYQBR_RF85buSzZmjZffGvzAQNqDrmGsRm1aLtX7Y8NpyVsgD3Lu1aZXSMD8AGp1WQmp_7eSbYoGRsMhjWEHGsa1cOmV38lPYfdhcfJahDg30XBps_IIFys
cache-control: no-cache
cf-ray: 74046b8fec1a8c42-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame BFFA 43 B
296 B 787ms
12ms Image
image/gif 2600:1f18:445b:901:2381:73a:21ec:8981
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOuVc8SKV3CJ1EBO3LEoiL0&google_cver=1&google_push=AehlK4AQWAIjwSSqVSqh5M7YM0kWCcxqUWHEvFIBS4dSTp6ElJS05zMLxxWotTZi1d1S5W11ja--lUCiGgMmImxkrtc28R6_76QvyT6FxAIwXKMl61awJegzbKWkXiquFVMXSWfe3ScPrU8x1nogrvY4op8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:2381:73a:21ec:8981 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFFA
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEMgv9kT8SuQjqz8JWnszdWE&google_cver=1&google_push=AehlK4C86us7ukQHPDifFPEpUEMkM7MkjV-Ceo-YoQNA-z6RTlCRU6or0FmA-yXQcIdkoTGDEXU0MAQArYSfg9tA6Mrk4Ib5GNu6a...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C86us7ukQHPDifFPEpUEMkM7MkjV-Ceo-YoQNA-z6RTlCRU6or0FmA-yXQcIdkoTGDEXU0MAQArYSfg9tA6Mrk4Ib5GNu6aV_xHvryxYdrwrQQ9F-d3Ba_cwWDV_...

170 B
188 B

43ms
27ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C86us7ukQHPDifFPEpUEMkM7MkjV-Ceo-YoQNA-z6RTlCRU6or0FmA-yXQcIdkoTGDEXU0MAQArYSfg9tA6Mrk4Ib5GNu6aV_xHvryxYdrwrQQ9F-d3Ba_cwWDV_gcpbnuwqT3VLhElxDOQKxGew&google_hm=6f2fa990c1e545ea49761d3a6b77e82d

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C86us7ukQHPDifFPEpUEMkM7MkjV-Ceo-YoQNA-z6RTlCRU6or0FmA-yXQcIdkoTGDEXU0MAQArYSfg9tA6Mrk4Ib5GNu6aV_xHvryxYdrwrQQ9F-d3Ba_cwWDV_gcpbnuwqT3VLhElxDOQKxGew&google_hm=6f2fa990c1e545ea49761d3a6b77e82d
date: Thu, 25 Aug 2022 12:44:37 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BFFA 0
49 B 794ms
20ms Image
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LoLZtxQUe5ySh_rtoTquuJXk2fLSUsgmJ1IhKbuEKw5I_rD1guQmGbmXm941pNSTJZtJ69

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=1779215560&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475025&bpp=1&bdt=207&idt=237&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IJjqNL33KE&p=https%3A//www.yalla-shoots.com&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9DDE 35 B
463 B 782ms
15ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMkAUIgg-9BurbwNBgw091g&google_cver=1&google_push=AehlK4DUwu9-BFgN0tX1YfF_4m4omN02HNSGAP6hrx3c9ziWZKSIzH0aQ6xc2jVYo_niuflLfxbNvOdl6GQ77Ch3R2az6Yvtic27K3U4fkABr4VwbR5ynbPyO8LqOgmKZE7TabiB11QnKINHtr17OUATLw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DDE
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEFB5cMZ181t1sJABvAAuGkI&google_cver=1&google_push=AehlK4C4i03lGNl5KgVrMOsiclQUiw2J4IuL2j8G0xz8AoavFiA2RGV_NsK33CsIwkEIyiyOOp8CXeFY-D4Gxyn1-FqLo91l0Mpae...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C4i03lGNl5KgVrMOsiclQUiw2J4IuL2j8G0xz8AoavFiA2RGV_NsK33CsIwkEIyiyOOp8CXeFY-D4Gxyn1-FqLo91l0MpaeAkwxE1vMne9udac97xs4PI78CMLQXhs...

170 B
188 B

32ms
30ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C4i03lGNl5KgVrMOsiclQUiw2J4IuL2j8G0xz8AoavFiA2RGV_NsK33CsIwkEIyiyOOp8CXeFY-D4Gxyn1-FqLo91l0MpaeAkwxE1vMne9udac97xs4PI78CMLQXhsWFuNTNAsTum4-dHsnZchCQ&google_hm=Q0FFU0VGQjVjTVoxODF0MXNKQUJ2QUF1R2tJ

Requested by

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
via: 1.1 9742cc93d29468c392785667fe23ee68.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C4i03lGNl5KgVrMOsiclQUiw2J4IuL2j8G0xz8AoavFiA2RGV_NsK33CsIwkEIyiyOOp8CXeFY-D4Gxyn1-FqLo91l0MpaeAkwxE1vMne9udac97xs4PI78CMLQXhsWFuNTNAsTum4-dHsnZchCQ&google_hm=Q0FFU0VGQjVjTVoxODF0MXNKQUJ2QUF1R2tJ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: s3T3roBS20HZUJ3yPJc0pC1VHOBSRDclH432l-iN_gn9jqkBbQw5Xg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DDE
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENmvUpQzPQ_GwGbREkr5tp8&google_cver=1&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIP...
https://rtb.openx.net/sync/dds?google_gid=CAESENmvUpQzPQ_GwGbREkr5tp8&google_cver=1&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIP...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIPXkNE1uBLoaaiWI9HRP7cRpnK6Sp_RlEeA...

170 B
188 B

26ms
26ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIPXkNE1uBLoaaiWI9HRP7cRpnK6Sp_RlEeAfTI92iPNIvmSp1S5PAIQ4&google_hm=8Tjv48E9yc4mSuqTurFsmQ==

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CzR-i04rNwG59ckmuDfYA1WhmBreoi_eWor5P0tCKwne1_UthxVIUcrNBwmXa0u59JScxGWXigYp4eBEiWTf1fnJLZiPDIPXkNE1uBLoaaiWI9HRP7cRpnK6Sp_RlEeAfTI92iPNIvmSp1S5PAIQ4&google_hm=8Tjv48E9yc4mSuqTurFsmQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: mal5hd8a5bk1rl6mifcnhv1io3v4dlbv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DDE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKl5riGaRtXuID9sz7g1MTg&google_cver=1&google_push=AehlK4ClhYKM1Ob8djqEnXEjtJUMiW9DYLvWjHtZ6rGHp7BRKh_KPkVe5t-ltmP-45FrmH9-BJO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otVC05RjMy&google_push=AehlK4ClhYKM1Ob8djqEnXEjtJUMiW9DYLvWjHtZ6rGHp7BRKh_KPkVe5t-ltmP-45FrmH9-BJOb-huZIkisI6mNNLYIogqIL1dHK_w3o...

170 B
188 B

42ms
28ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otVC05RjMy&google_push=AehlK4ClhYKM1Ob8djqEnXEjtJUMiW9DYLvWjHtZ6rGHp7BRKh_KPkVe5t-ltmP-45FrmH9-BJOb-huZIkisI6mNNLYIogqIL1dHK_w3oKwF2sd4_Cg6Wje2ld38Z-CykElIqN6YxvOT2Bo-x3MtSBj0Bfs

Requested by

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc5MUVLT1otVC05RjMy&google_push=AehlK4ClhYKM1Ob8djqEnXEjtJUMiW9DYLvWjHtZ6rGHp7BRKh_KPkVe5t-ltmP-45FrmH9-BJOb-huZIkisI6mNNLYIogqIL1dHK_w3oKwF2sd4_Cg6Wje2ld38Z-CykElIqN6YxvOT2Bo-x3MtSBj0Bfs
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 9DDE 43 B
297 B 778ms
11ms Image
image/gif 2600:1f18:445b:901:2381:73a:21ec:8981
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAqBmOU3VKtYAF72fTYhB6E&google_cver=1&google_push=AehlK4Bl4Nq9m6RTY61IaTg6SgU94_MXmxxPSvHxw4d589LRXSv12_MEvlGsZpT5ZwOJpCx59_vvboD9xODkpAHNcTX0NKhFd2ygd0W1O2Ap18iTe3g6f98_zsvRurYU_Kgu72yVRZj06wGDPXLQM95aRg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3419509487~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&to=qs&pwprc=5927516270&psa=0&format=1200x90&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475787&bpp=1&bdt=969&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a9f26edc91fcda6-227b6e1c4ad6002a%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ&gpic=UID%3D00000799e8033ab6%3AT%3D1661431475%3ART%3D1661431475%3AS%3DALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA&prev_fmts=0x0%2C1100x280%2C1100x280&nras=2&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cZvK0dJ1H1&p=https%3A//www.yalla-shoots.com&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:2381:73a:21ec:8981 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DDE
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEBwVeY9DxWI-TlNqsUr2R88&google_cver=1&google_push=AehlK4C9wLTl26YDff9CPnSDmxhfm0xe1NjVRnZUtO1Gt0SNZyUKcLaiD8s5eQMxmS6q5KUGLrDQZYq0MRLrcVXeF_ztW25Aa0wCA...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C9wLTl26YDff9CPnSDmxhfm0xe1NjVRnZUtO1Gt0SNZyUKcLaiD8s5eQMxmS6q5KUGLrDQZYq0MRLrcVXeF_ztW25Aa0wCAvn-kpx7q4gdbFpqD3sFwtDV-CRWEy...

170 B
188 B

45ms
29ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C9wLTl26YDff9CPnSDmxhfm0xe1NjVRnZUtO1Gt0SNZyUKcLaiD8s5eQMxmS6q5KUGLrDQZYq0MRLrcVXeF_ztW25Aa0wCAvn-kpx7q4gdbFpqD3sFwtDV-CRWEy8tXSUwHRE_AwGqJ2c7O8lpng&google_hm=6c9453b753b0a667c8eb5e1f4bbf2c5d

Requested by

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4C9wLTl26YDff9CPnSDmxhfm0xe1NjVRnZUtO1Gt0SNZyUKcLaiD8s5eQMxmS6q5KUGLrDQZYq0MRLrcVXeF_ztW25Aa0wCAvn-kpx7q4gdbFpqD3sFwtDV-CRWEy8tXSUwHRE_AwGqJ2c7O8lpng&google_hm=6c9453b753b0a667c8eb5e1f4bbf2c5d
date: Thu, 25 Aug 2022 12:44:37 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame 9DDE 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9DDE 0
232 B 784ms
18ms Image
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jmp8xRrkYKaa3SbDL0270vO44t6yPRiJd7Ap7mZnD0i0UiUAegVAxa5FVO7RPGnF006hIHTQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 9D79 2 KB
523 B 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 11:32:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 12:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 12:44:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC5B 143 B
163 B 35ms
11ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 12:12:08 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame 9D79 10 KB
10 KB 675ms
5ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 21:11:56 GMT
x-content-type-options: nosniff
age: 228761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 21:11:56 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 33DE 42 B
64 B 75ms
63ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqaaQ2jJ4AGWgQhcrTH0m1YUw2q6EV6D74sUvjU61YlY1UNHgMGt9tS7T_KjINK8HqU5Iyk37eey60pQalUjPXlmw&sig=Cg0ArKJSzO179Kkmiy1XEAE&id=lidar2&mcvt=1042&p=0,0,280,1100&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3152578546&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661431475252&rpt=599&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D999 0
127 B 10ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:36 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D8EC 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswALalcDihB3AAs2IJSE6uvH91unuZYupQ&u=%7C6d8pNgmy9mFHo0Is4e0LoFaofnroOeTnvzr88pC55J8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3YMD9Vj1vhR9kOormQ0FJeAcHkuGIL6tGmmVE-tD4PJxfgLfaLcUXtAI1ssbmCXGCKFLVsGZzWZd0vo8iCTCnFwcow9U0UcK9SGStQZ3TGSGZHP9mxHjfMi3M7pX8ANXUIv3lV7zhh8Ncc9JhIeipbbZ01SR07hDbvhouG0Hs45qf-c9OU8sNOLSY4ZkZb4FkQjSB1rRs2J8Ub-v2R3ksi0zASzygexfycQx1p0xKEOLv7SZi0ml97K3wfZDaGrCJn2ynulNhiN57yogHwB880LOi3PJ3m_0SYSqsddybBQ1GPJ7lCmrKWTuqF4yIl6HtsvMfCfaPqncvBUAmYVi7u9t8XKp2QpsjhQ_GZUQS2dvWmV0lRY7WmRn7okEbBxZlME2Vk45tgXppWmDv6sZcbA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPiDos24HY9fULfegqMwPoOysyAmcge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjE1ODI5OTQxMDgwMTc0OKABrN3-6APIAQmoAwGqBMgBT9DOwY9RYigCXtn_P72bJnMfUWlqjVwP3pD55dfKdJvojFw7TuetcaH-1qRX2XIP2dClaEOC1QusJ2iByKZG9_zigSI-dN4GHxMmyRk-PsTQ4u3tYmI99mb-Ea21L9C3-QuiSjLqcI73_JW7CH1PjbOU-oFg2Rymj55muri2kd6d5hV4P-XOhJWocQ1IAmNa87PDlZDx6PbK9kBIKA4cuUPTStwGsf4Z30VaqnbeM-zac2NcrQYUl7ryNQmLHz_tBd_XRTTZbQWABvr4hbmC4vC06QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oN8CkIwT7mp5Gh5fLIWho9AQwEg%26client%3Dca-pub-2158299410801748%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D8EC 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D8EC 308 B
636 B 47ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D8EC 293 B
621 B 47ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D8EC 43 B
347 B 57ms
17ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=FOGhOqT6HDQGV1PFBq1PqWt_wta7o19RvOl0-RmnzNwm-0qNNu6yGi9t6TY7FZyO4VodTcS-lRUXg-ZJznK3P9wl2r4QcAyubtkwix3ospkWDfWgRLffjm4tmBhtbhejRqd7IDu0Ydkd5xgoOcASP87BVK8Bi5VJEZCngY3oq-mWWfd1pR_4fE1CgFI7EvCj2oZGwjkxvYGtdZ26I-VWkNM1KBtTp1Lrwjqazg2gz3AMkpB1BiuTrVCF83SnHlEYSCVUGqP0hTe84meLXvjUJLl3vQm4kVeX9xM5xwDKzI7sAtsD9EMdRCFKvBKBL3lAnY1VXr8aeUfh9fvOIjWU3iRgshFJBbE5ehjvcuxhMjYNd9gAAteaGr_kAiS4UVjM1yCAh05vvhC3SiIygiDEs_ce_Ysd2n6lemfhZrLUPF2lAJjK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:36 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3186267
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7F21 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YwduswAMsWAFKO-1AAqvMzOsco3NeFnKxtTGIg&u=%7Cj3M40v8jsYkOV6i54mTH92A945wdvxpXLaxeQevfiRo%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3ZW26fUeL8sYoJepvu1bVkIuhJQ8dZsrVq5ztiO86aRXXTBXPctKgzSICpDa2Knbkbxor_kIj6rLAvblGVnRt2zd9gkjZW7iKyDb-I0sw-UUwXaNTS028axyuUeSmBvXBGfpJkFX9EsHtasOZUQIjwL1J1RynEXqyh-teZJ6qovwGGW5_B5HIPgIBTR9BVmeBBqwIiYg5WEUF4ukme0ws-svNJm0gIonDmKZU5y1AIyUdkCOczNbP62l4xCL8gWNoG3497_S9VFDbh0GLbSZK4UWISSXGj4mKc8N4sibAyhwgXr1qd0XzvlFn_Vp1EfkAQ66d3_nZPoENZ0sCoh6q0FZTf1VIpkWG_r11XA0kpY3J9rTknKOULuHq7Zu1Y1dbu0zVQj58fggJc7ljR68MM0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLIyss24HY-DiMrXfo9kPs96q8AScge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIxNTgyOTk0MTA4MDE3NDigAazd_ugDyAEJqAMBqgTNAU_Q15dGnUbgAN1kTYrUv511YMpgpUDnO3Lxwd2wStZI658-hbwU_3Bomfg9Kk-6EAJKApfjoZUrnkihN0x358z8RKzVRkOB_pP03co1cPtRYdOzi2l0R_aMF5b0IYi64vU5qouzCmwYwajhcF9FjuQlMsjQf1XV46Tl0kR6r-ubYkcUU6QIFj9z2Ypi6S8P7kwPCcCNOOswSQyhGJC32Ig0YSi4Hz7iXfM_dpnhc-m_56U1zhLP5SlnkP_DkmRZPgXly3chkDbKAlMffcKABtDttt3LkvTUMaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1cvoUkBALTSTLnAbtZ_eNfPG-TRQ%26client%3Dca-pub-2158299410801748%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7F21 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7F21 308 B
636 B 19ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7F21 293 B
621 B 20ms
9ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 7F21 43 B
347 B 27ms
16ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=VELBz2U4uw-ota4myEdHx9dIr__3-RXPmfvCWk1mEVg7Z-Ob-EErkIHyXJuUoQNooBZWxRfIuV-6NnkOi7QxlzhBWc4_-YnZSubXAjyw5EhlM2qpvEEDSF6QSHxvHIT1F6bFJxKfBVkfcYqPIqlEfnZLpcZ0OEOJ_0ZHW9KC7cCwXGWXavWaBkHgKRcTJ2TsjbGSdJECVXwl7teMM5St1hiCz9hQJmo-6TMwDfUSBa9mYAd_oZVY27Iu28mWONsjrB1gu212bYrmMqa4TFTQQ4JPConWdy-bShYYOiXFz71IMHPwT6gVyvuIjbRyqQS2FgY1akipbsRxwCysslfL1zaZW3KphANME2rJNRieAoIPVsU3ctnI6lRaiTan9nDBfMY6UgavKs66hfJwQ9pLA7FYEKkIa1w-G265hGmjRrwW64Q8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3022379
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D8EC 12 KB
5 KB 46ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 60278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuIH11qzMxaQIes8%2Ftk16DWmyqk%2BgdpUUzmDDygs6P6T6dd3T%2BXvJ4rEdmNS7VfiBYimeIm%2BUQh5LCunCZBQRZ6IGqEyE2k39JfZZMHLOgdZcJOk1boqQSKepFnvtekToJ1TwGY3PMeH%2ByYPUa3QDqZ%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74046b8ed8261839-EWR
expires: Tue, 15 Aug 2023 12:44:37 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D8EC 12 KB
6 KB 40ms
14ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7F21 12 KB
5 KB 30ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 60278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BCdp3YODzwDKlm60ksYzAuoJFjwHMKj0TetMyoFWIOPQLoYG%2FprFHOH7ogyfc%2FXGVpWiaMwCMcBPHfEBCk0p%2FQlX%2Frmzh%2BcNZjk0jCMCwXkwxh3SL4pNvGOc%2FS0bJ7aJcLUL9asTlBW4glNjg2HXp7f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74046b8ed8291839-EWR
expires: Tue, 15 Aug 2023 12:44:37 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7F21 12 KB
6 KB 16ms
10ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D8EC 18 KB
18 KB 12ms
11ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28884&q=80&r=0&u=https%3A%2F%2Fwww.moneymetals.com%2Fimages%2Fproducts%2F1oz-trump-silver-rounds-obverse.jpg&v=3&w=800&s=ErUK6zfACo5EYeOubUDKsalQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c35af3335216cb60ed393a48a109a498c55171ce3bede88bb02501c207d2c2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18156
expires: Thu, 25 Aug 2022 12:44:37 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D8EC 0
127 B 12ms
11ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=sSzMHjp781FA3-lmdasanLUW-Af65LTpYn9XgMDnq_8x0YxrIeZFLAS-u4kV41LvSQL623q9Px6dTPfI0w5LigP9FHQVCGcJeeF5kZIcC33g3M6XM4o3Ja7LA_QaJQAI5u_PA0sra8PKFOSRSchVAxwp198u9tryhCMz-uw-dqcelFzikacA0NIG5Nv8_3PmHr81SbncbevDO958SaJzpgr-TZkwyYoOzeXGtXlIstRzo70ij-lIqhvmLNPYZiP3-gYV0Q&sds=2&rev=82533&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:36 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D8EC 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D8EC 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 7F21 55 KB
56 KB 11ms
11ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

50ccee582140c4aa2ad1530837406afd7a4f38e375d510469c6c83477dd82ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29132877
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 56588
expires: Fri, 28 Jul 2023 17:12:35 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 7F21 0
127 B 12ms
11ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=tA13HTp781FA3-lm3GxN23MXAIDFG8k7G2PLjysi3whB7y_l-QGzoUcW3yyUEORza2T5HZt_5i70nY9dEfmjpbpDjtOKozdWBmGa4a-d6D2qI1u7t-XjnTKxAHEoVSSIStxj6R-2JKqnS-USw9jwI8OEWePIzjNfcFsPQnD1hrC8P4IL4vne_OcZXxWfmjzfnJVPqCcmRim9hnOK2U3J-_K-74ZP05S-RZdPNTUHCzao5_mn_K0GF2ltUaG64eGv-IV__A&sds=2&rev=82533&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:37 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7F21 2 KB
1 KB 20ms
18ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7F21 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:37 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:44:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8EF1 42 B
64 B 66ms
63ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvygmfHOKXCZJ3Mgd2yjK4_EeE5skf-3ZobDbADQL8B9v9h_TPzbGeGXaHOnRpR9d_CJRIdQeoIXVQs_Ofn9cyov60H&sig=Cg0ArKJSzIRnEMDRCAt9EAE&id=lidar2&mcvt=1159&p=0,0,124,1005&mtos=551,1159,1159,1159,1159&tos=551,608,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661431475884&rpt=688&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D8EC 2 KB
519 B 22ms
19ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

222cabd38089af521e8c7f681b803322077eb96a5551098d85afc4777a18e189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 10:47:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 12:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 12:44:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7F21 2 KB
523 B 36ms
33ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 11:55:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 12:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 12:44:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC5B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:38 GMT
expires: Thu, 25 Aug 2022 12:44:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A16 36 KB
14 KB 11ms
9ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: www.yalla-shoots.com
URL: https://www.yalla-shoots.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 12:37:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE40 42 B
64 B 71ms
63ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcMD1krfA9cX_hGFjsiSVYoEjuvjX47US7soDMiadk27VPEFNsmuixCpyA-UIHPlvae8z3I5kM44sQQDtXea2F-kg&sig=Cg0ArKJSzH-IJh2UpcGyEAE&cid=CAASFeRo50Dlle56CJeLCibIcSScj3jVHA&id=lidar2&mcvt=1021&p=0,0,280,1100&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3152578546&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661431475270&rpt=1507&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 12:44:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9D79 0
127 B 13ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:37 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v26/ Frame D8EC 19 KB
19 KB 24ms
8ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:23:45 GMT
x-content-type-options: nosniff
age: 235252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19228
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:23:45 GMT

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame 7F21 10 KB
10 KB 9ms
7ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 21:11:56 GMT
x-content-type-options: nosniff
age: 228761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 21:11:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 31ms
31ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

994f2530dc396b03f2155477b910bd39082c0f85cbe8234eb9beddd6a32ae4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 12:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11038
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:44:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2833 13 KB
5 KB 10ms
8ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:37:24 GMT
expires: Fri, 25 Aug 2023 12:37:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1819 783 B
534 B 33ms
26ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91297b414ccebbe9b37660a46af10055c742eed9641697edd56d3a1d3fc91c5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7sJbGowNAsOdre6OIo3v4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yalla-shoots.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-7sJbGowNAsOdre6OIo3v4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 12:44:38 GMT
expires: Thu, 25 Aug 2022 12:44:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2833 36 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 12:37:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1819 0
0 22ms
22ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=4387573114464692&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2833 0
10 B 4ms
4ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wZ35Lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:44:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 all
csm.us.criteo.net/ Frame D8EC 0
127 B 10ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:39 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 25ms
24ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=4387573114464692&bg=!cnGlcTXNAAYUOm8VNDo7ACkAdvg8WhLQPFv1kNKtqHREIbT62tjyDroeFz5-infa7UGsAl77wpyilgIAAAQhUgAAAAFoAQeZAu9rNUmDMcEdTB-bJgbIg7d3GOLI1SNliSJMEjO00QwGFAbSWTviBNqNWGvc5MtLADkUDBJgdWjoPz5HzL44GTzM69FKTMqxqDMWGswOWpXauNn-MeZP2sa0moK3JO9uCmEI0Bh8I8aIGSt_l2pb7Y76JBd5zS6_OnGwiS37VVr3AQGC0tjbcfIpkzurpa7RoWIaN4-84A95ndtUsnLa0bXoNsx2pdwE3L0Lnjpg8Ky6n1Q3ab4ijTs-AeTBTdaDUYBfmD0hb_x4zcCTulHkOr0MMX4verhVIiHp4hFIJj1jyqvWd8ckLo2_mb9gii9ve9Nn4E2s1k9thBKv5_xUGbC07jkCTE2RRBKTMhzYXN6gz5vsbruohFGwSWUD6vHh3mPDoGB_qzYOeXU2Yy4cTwdj60dTZ62UoBQFiTjZlID_BND39u-KIpTajCnubF5JLNmGHOe8InUNiWYy3PnBAXxRzphJptlpb2H0UZuYDmQrLfsdQU-P8rF5a5eWCgRM14li-wpvIIRSQuKa1D2uu0p0osHEwZughrV1eP3Suw9oaulhr79-0j-sNfslg8uP8QN7ghiCLhI4vkG1nzrbVWmLzLIiG9jUYwP55tIkR6GKil8FhR5QpEuLcOUCB8c_ItQnwMfD3acIjBkTIF90Czg9LysOrO274E7JxdVqZ4M2GDDz3NlOuoVYM4wjSxMN_vrRnnqN1DKA5_9GD8isRrVOgtz0CPzLCjywE-PwnJ6jsSPu2HRpfvxrg-Y5kKBZiRfcODa3rH2M2tcHVBPh1L__scACK-PqKiGDMhf9aILCttUnE67ZRUNGOi-L0IqeQOHYs29XaAJNMA7qvAtOUpJBvXzCz-C1xfjN4834TIQZrb2yhmBGtarxrp5V110a1g7xW_OxkwWbVXsoeX8SPEdBNOuxqOA6Yihy9O3JEwPAR1CL1icvHufkV1BWSaeIeLQrpHRiNfg6w-aTeNWmTpc2kMqRZAgB1njg1wbWWPcV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.yalla-shoots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPCHSs1AqDAEeN9CboYLZCA&google_cver=1&google_push=AehlK4BtBBFMl6YrIMm6JMdT7KMgHRZYABsuGs0ayyh1V7nDOsEHmHKVh05ioQzWVm8sOM9miH0iNBqSy2ZPfWsZcEFy-Ld78snoJQ1salRmTd9EwM2BYlfaUGerVagHHSgPbS5EifK5x2DSU03eLqt2lYw

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoots.com/	1970-01-20 15:06:31	Name: _ga Value: GA1.2.1213669314.1661431475
.yalla-shoots.com/	1970-01-20 05:31:57	Name: _gid Value: GA1.2.941990663.1661431475
.yalla-shoots.com/	1970-01-20 05:30:31	Name: _gat_gtag_UA_216576985_1 Value: 1
.yalla-shoots.com/	1970-01-20 14:52:07	Name: __gads Value: ID=5a9f26edc91fcda6-227b6e1c4ad6002a:T=1661431475:RT=1661431475:S=ALNI_MZm-vTa-WjU22vcaMHX97KMYBECwQ
.yalla-shoots.com/	1970-01-20 14:52:07	Name: __gpi Value: UID=00000799e8033ab6:T=1661431475:RT=1661431475:S=ALNI_Mb8lpYds2DVmgCbHV9EKEP9LqG0DA
.doubleclick.net/	1970-01-20 15:06:31	Name: IDE Value: AHWqTUm-uX1f75rYCESJhq5jPTCfRpk7IBZ9gPghZ1XLNmP4__msfPrX5dKmieg9tgU
.adingo.jp/	1970-01-20 06:13:43	Name: ID Value: 6f2fa990c1e545ea49761d3a6b77e82d
.innovid.com/	1970-01-20 07:40:07	Name: uuid Value: 455d67ca-0ca8-4c3b-97ee-b5b00f1c0858-20220825 08:44:37
.pubmatic.com/	1970-01-20 05:31:57	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 07:40:07	Name: d Value: EEYBCQH4JoEA
.quantserve.com/	1970-01-20 15:00:45	Name: mc Value: 63076eb5-8cab2-72514-cd3dd
.casalemedia.com/	1970-01-20 14:16:07	Name: CMID Value: YwdutWfe4qmY0SDgrgva-wAA
.casalemedia.com/	1970-01-20 07:40:07	Name: CMPS Value: 463
.casalemedia.com/	1970-01-20 07:40:07	Name: CMPRO Value: 463
.agkn.com/	1970-01-20 14:16:07	Name: ab Value: 0001%3AMuReM5o7cq%2FulluToOeKuQNpen65eDKy
.agkn.com/	1970-01-20 14:16:07	Name: u Value: C\|0CEAqmis1KporNQAAAAAAAQ13AQCAAQpAAAAAAA
.openx.net/	1970-01-20 14:16:07	Name: i Value: fdc25a86-c13c-4f17-9ae8-6ecc0d8f65de\|1661431477
.casalemedia.com/	1970-01-20 07:40:07	Name: CMTS Value: 166
.doubleclick.net/	1970-01-20 05:30:35	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.yalla-shoots.com/(Line 201) Message: <link rel=preload> must have a valid `as` value
network	error	URL: https://live.demand.supply/up.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2158299410801748&output=html&h=280&slotname=9881163520&adk=3152578546&adf=2181667279&pi=t.ma~as.9881163520&w=1100&fwrn=4&fwrnh=100&lmt=1661431475&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fwww.yalla-shoots.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661431475022&bpp=3&bdt=204&idt=219&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3147178449308&frm=20&pv=1&ga_vid=1213669314.1661431475&ga_sid=1661431475&ga_hid=870385543&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C44770766&oid=2&pvsid=4387573114464692&tmod=1245162665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B6xAmW0b66&p=https%3A//www.yalla-shoots.com&dtd=227 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPCHSs1AqDAEeN9CboYLZCA&google_cver=1&google_push=AehlK4BtBBFMl6YrIMm6JMdT7KMgHRZYABsuGs0ayyh1V7nDOsEHmHKVh05ioQzWVm8sOM9miH0iNBqSy2ZPfWsZcEFy-Ld78snoJQ1salRmTd9EwM2BYlfaUGerVagHHSgPbS5EifK5x2DSU03eLqt2lYw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
ag.innovid.com
cat.va.us.criteo.com
cc.adingo.jp
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.us.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
live.demand.supply
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
pixel.rubiconproject.com
rtb.openx.net
rtb.va.us.criteo.com
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.yalla-shoots.com
googlecm.hit.gemius.pl
104.18.18.126
142.250.80.2
142.251.40.98
2600:1f18:445b:901:2381:73a:21ec:8981
2600:9000:23cb:7400:19:fc2c:a140:93a1
2606:4700:3033::ac43:9fd4
2606:4700::6810:8616
2606:4700::6811:190e
2607:f8b0:4006:807::200a
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2004
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:822::2001
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:116:800b:21:b08a:1dc5:659b:4055
35.186.253.211
54.80.54.203
69.173.151.100
74.119.119.137
74.119.119.147
74.119.119.149
8.28.7.81
034912404fc1f78616c21e7eefa8ec71e0fc7314b358c01c16f1c83624ddf22b
04c9ffb17479976c965f17851d3e93b59963e09715b3367adae628640002e885
06792afbd02d0d04e01dc265f10f441e237c7a134275c164381fa2b9165ff78c
07f4b9b053b485a54696e258cfcae94425618c8d89a69555368bfaae6ef3e0b1
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a8f1357bb31716815985c119c4d8ea4cb8a2fe585a008922dc6c1ef2079d9c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0d17e66bf2ce02165f8a7b406b12b54c9c29508009980dd9517e783c9ba236a8
137993619a3a12882f44b203d2562860966e788a85798aadf6d7945269a8e79d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
20cd1f9174202c9debe21530ce5b4003b994cf05967a141563b0e949a87dcca5
222cabd38089af521e8c7f681b803322077eb96a5551098d85afc4777a18e189
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
2acb6e7a46010bc4fc4b99cfa2378baa398197358d62fc7b6c8b686a29a2a26f
2ae6317ae48a26b74b5c258a78fcaa19f0ed040386230a5ad9bb079fd5ef26a1
2f3279dab94b012acc950dbf044025525a4559530207d5d9e74e894295e35137
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
48a33b6de7702489f83fcc49492fea2674c7ff845a9aad362e25640aafb14f2d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
50ccee582140c4aa2ad1530837406afd7a4f38e375d510469c6c83477dd82ab3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ddf3d24115e92b23b85622cfcc2d44d77737efaf86d812c33d8fc5eda9c38fa
601dd867c169dc90bd4075f82f80e6e26faf26742e8b01557b0059e67b19f647
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658ef0beb4f0590f53ee4085c2dff5e7d873a5b7302768359e6564cad6706402
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
700240968be03f760f89e5cdc667a54fbc66a88f820b1fcd0534fa9df9b2add3
70101b6437992912b9bd530d1cac5093fc4023b225102de8f860b2fbd41e959d
7100c018b46774a1f126e14929fe6404d1c10c7d8564464411bf448b7d1d9e9f
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75fd98d40ca898d044fdd457378faa6ae43f13a912ddb9cfe55962d3ae0e7870
7b64138df2da508fd0da38fa1fca2be0302c774e611200794c95b7d2e3ca9892
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
85674e771265b7c7cc66b902931f1c9e28225292f033b0677543ddb1907e4d83
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
85f34fe7d3e261999e011e57c8bb72766afaa8238973ae30f8c1e0721679bc8e
862a0032532fde6b26942f8ec9f7c50b5180f4b8297d0f02eb22b0811e6f4356
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d3d356f8269622a6dc1655cba39c587917a48d29f24737034ce75712bb63b15
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91297b414ccebbe9b37660a46af10055c742eed9641697edd56d3a1d3fc91c5b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98c783f3e256d9302ee15d3b92526b60d0b19b14d12940261cb97080918f406c
994f2530dc396b03f2155477b910bd39082c0f85cbe8234eb9beddd6a32ae4d2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a547ff731b962394c8425e7bbf57daf1c0306598fca26088bbf9a683a359fb56
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7ca8f6af1b7f41e3b9d39d7281be3ee848d8052832e5c5e08b5926c653e24ab
af86ded17471f1dbbfad46c3a5b3f7f93a868a604d74dd7dbf877282ae216fae
b06e9ac9e16808847aa3e5e1187d254d3b8e188794a9763406454c778c8f63a8
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdcec4290839d80b34337ba1e4c361178acd46a46c1446f94c89ea854eee35e8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c35af3335216cb60ed393a48a109a498c55171ce3bede88bb02501c207d2c2da
cf462bab43547c17cb3599e4e4b20430ab3ff5566ff5f84e07144cc119201575
db6a9d685e2f20fa61a90ba1714c4457ee5f82fd78f558271a8e8dc67c4f90fc
dc7193e5b9fd63da115c69addde247563481cfe48637c879d292ed2857d413a2
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebad514e574e7fb59c15f9565eda6efdb17970993fbafe637c8b666c21a78c6e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64a93b82ff811b5d20bbb8b86292f486a9ff98423e9140af4db34a826e8d0ea
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

www.yalla-shoots.com Open in urlscan Pro 2606:4700:3033::ac43:9fd4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

159 Requests

94 %HTTPS

66 %IPv6

23 Domains

31 Subdomains

25 IPs

2 Countries

1561 kBTransfer

3434 kBSize

19 Cookies

1 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.yalla-shoots.com Open in urlscan Pro
2606:4700:3033::ac43:9fd4 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

94 %
HTTPS

66 %
IPv6

23
Domains

31
Subdomains

25
IPs

2
Countries

1561 kB
Transfer

3434 kB
Size

19
Cookies

159 HTTP transactions
10 data transactions