hd.yalla-shoot.video Open in urlscan Pro
2606:4700:3038::6815:ea86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hd.yalla-shoot.video/
Submission: On December 09 via manual (December 9th 2022, 5:02:49 pm UTC) from CA — Scanned from CA

Summary HTTP 152 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 21 domains to perform 152 HTTP transactions. The main IP is 2606:4700:3038::6815:ea86, located in United States and belongs to CLOUDFLARENET, US. The main domain is hd.yalla-shoot.video. The Cisco Umbrella rank of the primary domain is 570791.
TLS certificate: Issued by E1 on November 15th 2022. Valid for: 3 months.

This is the only time hd.yalla-shoot.video was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3038::6815:ea86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
42	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
2 5	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800b... 2620:116:800b:21:4cb8:1820:80ca:50f7	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
13	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:1f16:b8a... 2600:1f16:b8a:8e01:1ac2:27d:73ba:66ff	16509 (AMAZON-02) (AMAZON-02)
2 2	52.73.27.182 52.73.27.182	14618 (AMAZON-AES) (AMAZON-AES)
1 1	20.242.10.199 20.242.10.199	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
152	18

22 2606:4700:3038::6815:ea86 (United States)

ASN13335 (CLOUDFLARENET, US)

hd.yalla-shoot.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2607:f8b0:4006:822::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:817::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2004 (Nutley, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:4cb8:1820:80ca:50f7 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:b8a:8e01:1ac2:27d:73ba:66ff (Columbus, United States)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.27.182 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-27-182.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.242.10.199 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	647 KB
30	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	217 KB
22	yalla-shoot.video hd.yalla-shoot.video — Cisco Umbrella Rank: 570791	249 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	185 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	6 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	281 KB
3	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 1473	646 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 415	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 677	1 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 3623	810 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 549	632 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 630	842 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 12947	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 26	20 KB
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 3745	621 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1505	296 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 837	702 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	43 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
152	21

	Domain	Requested by
42	tpc.googlesyndication.com	googleads.g.doubleclick.net hd.yalla-shoot.video tpc.googlesyndication.com pagead2.googlesyndication.com
22	hd.yalla-shoot.video	hd.yalla-shoot.video
19	pagead2.googlesyndication.com	hd.yalla-shoot.video pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hd.yalla-shoot.video
13	cm.g.doubleclick.net	hd.yalla-shoot.video googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
3	rtb.openx.net	3 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	cc.adingo.jp	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	beacon.walmart.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	hd.yalla-shoot.video
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
152	25

This site contains no links.

Subject Issuer	Validity	Valid
*.yalla-shoot.video E1	`2022-11-15` - `2023-02-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://hd.yalla-shoot.video/
Frame ID: 0654775697E4AEB386DD1CD972BCDEDB
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: E9B3DE3F48B113507BDE863D29F74378
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&adk=1812271804&adf=3025194257&lmt=1670605364&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364422&bpp=8&bdt=268&idt=169&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6588423047209&frm=20&pv=2&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=191
Frame ID: DEA7360C25027961F0CCA4FA49E23C24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=3843712019&adk=2969204344&adf=54630664&pi=t.ma~as.3843712019&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364430&bpp=2&bdt=275&idt=187&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Egu1hu3oQ&p=https%3A//hd.yalla-shoot.video&dtd=193
Frame ID: 887F3077255FF51AD7774E218E284A76
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=2800139374&adk=200902044&adf=3867674493&pi=t.ma~as.2800139374&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364432&bpp=1&bdt=277&idt=197&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3XWFBzUnIt&p=https%3A//hd.yalla-shoot.video&dtd=201
Frame ID: 32703B1D38B2CBCB05587B41FCF33009
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 29443CFFE902E7A60385C6962E2DEBAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 9660F90DCF53741D5EFEEA03653B7654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.2771321384~rp.1&daaos=1670597699128&w=1200&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=1200x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1600&idt=-M&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280&nras=2&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YTaAme74UL&p=https%3A//hd.yalla-shoot.video&dtd=14
Frame ID: 55DDFE8C6BA0533AA8CB22E032C13DF2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=90&adk=1880462344&adf=2627832492&pi=t.aa~a.785149281~rp.4&daaos=1670597699128&w=976&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=976x90&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1601&idt=0&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280%2C1200x280&nras=3&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=312&ady=2475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PehaMPBXLZ&p=https%3A//hd.yalla-shoot.video&dtd=19
Frame ID: 00E6A52F8D677A085FEDD32EB2254A0C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: A48A505D85D8199DE381676BBAC1B087
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: C8C2DEB5A1B68EBF2E8DFC4E3D63EE67
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html
Frame ID: E321DA481489B517562257EC66A09635
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 196FEF89B85443E853D954B084DEB895
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6DBE81A724E40212A477415655248E66
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 17316E2677B4A256110DC7F909BAB19A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8853A09E607E72B044466C48AF28F09
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B6366FA58D6C23C517893EEE0963C018
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 487DFF4B27C420301D7D8BA5F0AFEA18
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 1BC704AD69BF066DF4132C39C45DEF24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7FFAF574915054981CF698AF1DC033D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5AAC2D0952C1FA2CA9AFE862D9F2FB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلا شوت | Yalla Shoot بث مباشر أهم مباريات اليوم جوال بدون تقطيع

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

152
Requests

92 %
HTTPS

67 %
IPv6

21
Domains

25
Subdomains

18
IPs

2
Countries

1652 kB
Transfer

3837 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ4OnD5rkHQj0p7_JSXCOXS7r6AzlmokL_vimOsUnYJYaS4fIxwzN4IqrwSeSOIqo_-xkg5orZ34TEEr4zecqpseOIsoHgz-eo03BEfrBNH9RVU5rlO70nneCCfLId_uEonCgM8lQaaU5iqWLkYEic&google_gid=CAESEJtIlPBT5oP1PT5kzec2hoQ&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLbUzZwGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVNrSjNGWjRPbkQ1cmtIUWowcDdfSlNYQ09YUzdyNkF6bG1va0xfdmltT3NVbllKWWFTNGZJeHd6TjRJcXJ3U2VTT0lxb18teGtnNW9yWjM0VEVFcjR6ZWNxcHNlT0lzb0hnei1lbzAzQkVmckJOSDlSVlU1cmxPNzBubmVDQ2ZMSWRfdUVvbkNnTThsUWFhVTVpcVdMa1lFaWM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwelRCeDlSZ0RJNHhYSE1xbHA0aXZoV1BiMjFLazZSLWVLdTlSRWkxb3NsWQ==&google_push

Request Chain 125

https://rtb.openx.net/sync/dds?google_gid=CAESELNqWO7caRXCBBqvdu9H0H4&google_cver=1&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruOWF5uVbsv-pVk17n7eiiMBkvtQvbcYFDTC--Kw0TypR-NVV1eThy3Cs HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESELNqWO7caRXCBBqvdu9H0H4&google_cver=1&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruOWF5uVbsv-pVk17n7eiiMBkvtQvbcYFDTC--Kw0TypR-NVV1eThy3Cs&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruOWF5uVbsv-pVk17n7eiiMBkvtQvbcYFDTC--Kw0TypR-NVV1eThy3Cs&google_hm=glcXdFsTxHY3aKBKAK6LUg==

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAU2wtOqcMEMieHkTSYQ9X8&google_cver=1&google_push=ASkJ3Fa6T1qMRU5judy7JNbucooYC6yGAB0iWdxHQlqGJ_utmH7qlv1gyHC9fCKeWZ82QAMvQvlU_T4eQ1b25LOiTW1XdRgrt3jSYIcHlPTBiBnXEseQ91Qbn0sxw54FrpfKcCMh7kQ_VS1--Q4BLDfMmks HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTFktMjQtSlhaQw==&google_push=ASkJ3Fa6T1qMRU5judy7JNbucooYC6yGAB0iWdxHQlqGJ_utmH7qlv1gyHC9fCKeWZ82QAMvQvlU_T4eQ1b25LOiTW1XdRgrt3jSYIcHlPTBiBnXEseQ91Qbn0sxw54FrpfKcCMh7kQ_VS1--Q4BLDfMmks

Request Chain 128

https://cc.adingo.jp/adx/push/?google_gid=CAESEAlXv6Dh_aOBzjj0SDQ54NY&google_cver=1&google_push=ASkJ3Fam9o9BsQTSzIyPAM6ZNLaI8NaMRW3n78qvGxGOylS8PznetaKr4othUeeHtl29M0UKAhKS9nQzgW7WdCr7KwP9QyH8d4B4Wig77VBBg_uu_k95gefTRBlg_FKdeq1gt26fOmSSZRZ5z7ZsIRjXzI0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fam9o9BsQTSzIyPAM6ZNLaI8NaMRW3n78qvGxGOylS8PznetaKr4othUeeHtl29M0UKAhKS9nQzgW7WdCr7KwP9QyH8d4B4Wig77VBBg_uu_k95gefTRBlg_FKdeq1gt26fOmSSZRZ5z7ZsIRjXzI0&google_hm=8a1a8e490dfb729065a6f216d426fdd7

Request Chain 145

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOIWsLPXUNl8F26WD2uDlqw&google_cver=1&google_push=ASkJ3FZ_58tLoB_qzCCmIzdzUMrjZB8odQKYjwwL5AyVGYeflAdXw7AW1uJDD4p70uUWI_ASHWSrX3fs_ReV6Ip_X1-laOrRb0pV53LxnQOoNw8-IGqojtt4cfcBiPuh6SD_h1fiC3RK3r-ltxfqIw8sCQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZ_58tLoB_qzCCmIzdzUMrjZB8odQKYjwwL5AyVGYeflAdXw7AW1uJDD4p70uUWI_ASHWSrX3fs_ReV6Ip_X1-laOrRb0pV53LxnQOoNw8-IGqojtt4cfcBiPuh6SD_h1fiC3RK3r-ltxfqIw8sCQ&google_hm=1LCkgvcsUxFP52NeJENNCA

Request Chain 146

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESECEAZtRzGQgfdBNEKfHOl8o&google_cver=1&google_push=ASkJ3FamiPdfTio3aUYRuZpcp5M41UpKuVH6YnQCUXUBqddW20pIpvcmf2vXvQhfO4BEPcdW8mM-Qn2Ce1PLt_as8lfE1qMMMREd3wcc4R2m0shwrsEdyNDJsHWvSjYWjcOikZnmmooD2J_Fu8jwvzaazRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aAxz80xPkesLNdzxUl4fkQ&tap=gAds&google_gid=CAESECEAZtRzGQgfdBNEKfHOl8o&google_cver=1&google_push=ASkJ3FamiPdfTio3aUYRuZpcp5M41UpKuVH6YnQCUXUBqddW20pIpvcmf2vXvQhfO4BEPcdW8mM-Qn2Ce1PLt_as8lfE1qMMMREd3wcc4R2m0shwrsEdyNDJsHWvSjYWjcOikZnmmooD2J_Fu8jwvzaazRA

Request Chain 147

https://rtb.openx.net/sync/dds?google_gid=CAESELNqWO7caRXCBBqvdu9H0H4&google_cver=1&google_push=ASkJ3FYlmci04zCAYH01Q73QQ9KdJTUcVNaY77BK_GPZKckBKopHWQLkI50J7-SV82vHOeCcXpCJ9fqeX2ywmEnXaNT0v6LPipkfF9LuHPgC-2kcTz8fsN5Hu_TfNQzniWGlZkWusH1PaNZ0CUyUJs4oYfM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYlmci04zCAYH01Q73QQ9KdJTUcVNaY77BK_GPZKckBKopHWQLkI50J7-SV82vHOeCcXpCJ9fqeX2ywmEnXaNT0v6LPipkfF9LuHPgC-2kcTz8fsN5Hu_TfNQzniWGlZkWusH1PaNZ0CUyUJs4oYfM&google_hm=glcXdFsTxHY3aKBKAK6LUg==

Request Chain 148

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ0NHPuGVTsjavu7cFkTinU&google_cver=1&google_push=ASkJ3Fayj4kleuZ8YMPfsJW0yOLX4W9fBgi3sdqEyus0YrUDTOpolQxlOjyazxiIeUqPReJo3fGSpAkKUWbCItgy3LPGECHS2bphsHbD3m2XmdxiYoxCC86xJXhP9IHA55VEkt9a5-eJ6hLrnNehf5VbleY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ0NHPuGVTsjavu7cFkTinU&google_cver=1&google_push=ASkJ3Fayj4kleuZ8YMPfsJW0yOLX4W9fBgi3sdqEyus0YrUDTOpolQxlOjyazxiIeUqPReJo3fGSpAkKUWbCItgy3LPGECHS2bphsHbD3m2XmdxiYoxCC86xJXhP9IHA55VEkt9a5-eJ6hLrnNehf5VbleY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vsuSXZnVTYmhPnDjqYqmUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fayj4kleuZ8YMPfsJW0yOLX4W9fBgi3sdqEyus0YrUDTOpolQxlOjyazxiIeUqPReJo3fGSpAkKUWbCItgy3LPGECHS2bphsHbD3m2XmdxiYoxCC86xJXhP9IHA55VEkt9a5-eJ6hLrnNehf5VbleY

Request Chain 149

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAU2wtOqcMEMieHkTSYQ9X8&google_cver=1&google_push=ASkJ3FZfbsNrcKY88D9MfaH6SOW3JrJ9R0p4Ca0zh7nsrodDVGJp1-h0iD1Nhebmxhl_3vGRc0dR2SLLcInQPP9oRuTnzPjoFhyXYq_DIG2-cXrmR8JerVeXyj88AZQcUXkBZPxdEHhVO541FaZXyVG5KEM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTjYtRC1BS1o5&google_push=ASkJ3FZfbsNrcKY88D9MfaH6SOW3JrJ9R0p4Ca0zh7nsrodDVGJp1-h0iD1Nhebmxhl_3vGRc0dR2SLLcInQPP9oRuTnzPjoFhyXYq_DIG2-cXrmR8JerVeXyj88AZQcUXkBZPxdEHhVO541FaZXyVG5KEM

Request Chain 150

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_cver=1&google_push=ASkJ3FZd6H7EyOGkoP339YFjLj9CGCRupV1UmLfEz3Ngn8fmPB-Vw7cEEPAIRyFdNh0LMh7KD9oMi28AwqzdCdUl9g2_8lZ9u1GzFqZSyPcI1LENvUWilKtmNpDAIChWq1XxVWvwTQMnSGGjabrD5--AE9o HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_push=ASkJ3FZd6H7EyOGkoP339YFjLj9CGCRupV1UmLfEz3Ngn8fmPB-Vw7cEEPAIRyFdNh0LMh7KD9oMi28AwqzdCdUl9g2_8lZ9u1GzFqZSyPcI1LENvUWilKtmNpDAIChWq1XxVWvwTQMnSGGjabrD5--AE9o&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_hm=Y5NqNqQUhZvFDxn-t5xfKwAAAB8AAAIB&google_nid=index&google_push=ASkJ3FZd6H7EyOGkoP339YFjLj9CGCRupV1UmLfEz3Ngn8fmPB-Vw7cEEPAIRyFdNh0LMh7KD9oMi28AwqzdCdUl9g2_8lZ9u1GzFqZSyPcI1LENvUWilKtmNpDAIChWq1XxVWvwTQMnSGGjabrD5--AE9o

Request Chain 151

https://cc.adingo.jp/adx/push/?google_gid=CAESEAlXv6Dh_aOBzjj0SDQ54NY&google_cver=1&google_push=ASkJ3FYp-W5wyFstFF9bsanIeBFL45LgZp-d6wjIg0SSGRv9kcR5jSLWv1DtL26wINHtA2NsZnZU_36MpqK07OyFxxsJ9z_JaQdO0gIK7xqTjORaX_9OOmdMPCLiJ2G-E0vyQxY9Nm3J3BKWfe1qkWLPsmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYp-W5wyFstFF9bsanIeBFL45LgZp-d6wjIg0SSGRv9kcR5jSLWv1DtL26wINHtA2NsZnZU_36MpqK07OyFxxsJ9z_JaQdO0gIK7xqTjORaX_9OOmdMPCLiJ2G-E0vyQxY9Nm3J3BKWfe1qkWLPsmI&google_hm=8a1a8e490dfb729065a6f216d426fdd7

152 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hd.yalla-shoot.video/ 68 KB
14 KB 629ms
135ms Document
text/html 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.video/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3ad088e4284e8432b801094994abeef30725f53c8c2f5bda9421acc4519d33c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 776f4f652ba878d0-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 17:02:44 GMT
link: <https://hd.yalla-shoot.video/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElEEOYqHGd%2Bs61LvQ3l9RhckmyArBH8KkMVIOyzyXIPKrSgzGc1z3aZk%2FxT5SGYykHOImPpVn%2BSVyZYPi%2BB%2F67xeMnySdt68gfvlN6bKzVy56oECkBCMxPn0OUXn6ajhzu%2B7rxWqf5n6Kl6ZOb2%2BJ1tLaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 classic-themes.min.css
hd.yalla-shoot.video/wp-includes/css/ 217 B
529 B 30ms
29ms Stylesheet
text/css 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.video/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 14:21:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6141
etag: W/"63627cec-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCZQUz6lLZwLB%2FlwaJHAPlhqQNOe6J3ZusNcb4gu%2BAtEi%2BPe0RxELEZkR6T0IFeZmeGkJqOo5ESS6%2FHiuFDHtJuxmabaWZi4v8ofNANFa3zxwSHR37iOf3Siwa3%2FGd9oWqfoCRu9Xqc%2FS%2FvTwEfkBA6w8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 776f4f660d3378d0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
49 KB 115ms
62ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5718038576987738

Requested by

Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3be6b0f50a96dc7ba0dc1f701467168d09be84a472de3b157ccde3c159887f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Origin: https://hd.yalla-shoot.video
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49638
x-xss-protection: 0
server: cafe
etag: 6195597586319897175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 17:02:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 87ms
36ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107335079-2

Requested by

Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd206e5243254b6b9e59dbe37774710ce0abb7e33f173f255f919c2e542129fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43634
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 17:02:44 GMT

GET
H2 200 lazyload.js Show response
hd.yalla-shoot.video/wp-content/themes/YallaShoot/js/ 7 KB
3 KB 45ms
44ms Script
application/javascript 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.video/wp-content/themes/YallaShoot/js/lazyload.js
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6141
cf-polished: origSize=7327
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 02 Jan 2022 15:54:22 GMT
server: cloudflare
etag: W/"61d1caae-1c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMfukuKE6RmF5XQgf12XpqRug2EKe30exxzG7wBTGbD5Hej1wa6Re%2FlungpNcw7e01suvzskaizRhYV2l9WrIngW4Ly%2BG3Ixd%2Bvx4ryQ3nfVsBq%2FF1CUvPK2%2BYeY8K24TmPWAzSZ0R01zu426YjVUVnu5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 776f4f661d3678d0-EWR

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 NeoSansArabic.woff
hd.yalla-shoot.video/wp-content/themes/YallaShoot/fonts/ 56 KB
57 KB 45ms
45ms Font
font/woff 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.yalla-shoot.video/wp-content/themes/YallaShoot/fonts/NeoSansArabic.woff
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://hd.yalla-shoot.video/
Origin: https://hd.yalla-shoot.video
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4553
etag: "61d0a554-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nz03JsYXakXNjt9bd0ULVFTQuyzrT2zr5s2DmDioHA4dyss8tlgTbznq%2BgApyn07NU%2FA1UkKlAqXiOHGPanxrKDgjpPVXz9rtnAZ7PPkGphdBK%2BIm4IpH7AINGJ6G7DcLAuBozohLp6ho2PcU4zoZq%2Fkzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f666fbc8c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57364

GET
H3 200 %D8%A7%D9%84%D9%86%D8%B5%D8%B1.png
hd.yalla-shoot.video/wp-content/uploads/2022/06/ 15 KB
16 KB 70ms
69ms Image
image/png 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/06/%D8%A7%D9%84%D9%86%D8%B5%D8%B1.png
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b0ac6c2d2ac0d5ebe0e13773e95c17a14fba06f0ae20c7cc346e6ddb9b6f6a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 04:57:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "62affe3d-3c3d"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKuODZHyoTpB2oEVIA9AEPAPjUTDpDX2P94OpTEp388smK9RQ3YQ%2Bu6c6LpkYhmhZjL4v3QfHG0iNdmhgsBLveLkNy1T5xsiBxJh3I%2BY9JTcTy92C6XGmfflqByFjBOd6y1%2F2s6SPVB21iWNpn%2B99FMQYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698048c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15421

GET
H3 200 ud-almeria.png
hd.yalla-shoot.video/wp-content/uploads/2022/08/ 8 KB
8 KB 70ms
67ms Image
image/png 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/08/ud-almeria.png
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e94fdec09288ba9dcf0e6b13f531c4a4fd9d65929f347d512460ce0fd6c9cfa5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2022 04:48:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4346
etag: "62eca108-1edc"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hUSfLHA6CB4BY6aGrl7U%2FqYExZoBw10DgyGDZRM5o5xh8ypbvQtcafey%2FzTD%2F4GwcC%2BSrMM0pdcs6oXhsLTLkf%2B%2B21tPwGwYOQjsqpptmWDDDRA2HAy4QB1WphtJPaUrKUPy9W59vNb%2FxBh3QezcynvMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698138c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7900

GET
H3 200 netherlands.png
hd.yalla-shoot.video/wp-content/uploads/2022/09/ 2 KB
2 KB 82ms
79ms Image
image/png 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/09/netherlands.png
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd346e2699932fbed24d45c064274d55ea37dbd0db2caeaf0e03dbea47e2267

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 22:20:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4014
etag: "632e3122-681"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6%2B%2Bm0fXIjHQib4ZfsIcviWZX%2BSWmPRwbvtHDbI58rfn2%2BTn1bgM3ygjZpFjCArIF47dpSoHiK%2B%2BedSW89hjipwErI5q1N%2FOfPNp%2B%2FpoLbny7NlvFhuRj4f%2FtMFZRo0eoQ4rn7UdhCcNxAX4%2BkmlhHMRYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698178c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1665

GET
H3 200 argentina.png
hd.yalla-shoot.video/wp-content/uploads/2022/09/ 4 KB
5 KB 83ms
80ms Image
image/png 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/09/argentina.png
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eeac0c568551c6210ad00d9c682d66360f72815789896676acb65cf645381f5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 06:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1698
etag: "632d5275-10d2"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDdB6FeCkseGqIqrDaxkEnNt4VlT4IwDUluMXHa%2B%2FH7ES7GHJ7APuxnFG%2FK%2FZNPYrkrbGcCR4EJrnDlCPmsianM02mflsqRdIfxG6telu3zdmRmaKschW6M%2F9da3A1yu6lLaswhm7Mez3RXd11lgaNpX5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f66981b8c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4306

GET
H3 200 croatia.png
hd.yalla-shoot.video/wp-content/uploads/2022/09/ 3 KB
4 KB 83ms
80ms Image
image/png 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/09/croatia.png
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 590956dfc1c3f4fbeb8a34d431cb0b7f339fcf2af0a7b837ff51012a503cca28

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 06:55:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4346
etag: "632963d1-d98"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lPohUus5KgJf7Rj8S%2FZZEoxT3OwiFDjGq9GU1Nl6R9QMor%2FhVkP%2FllfOP%2Fuf1Mbkye%2B0HtwW3iRo8vn8ubdR9OXojGcD%2Brok84UpTqgdEox05VG%2FBiRZhKJDm%2BGNiSARUFlNCtdYhgLooZTtSzYbUaByg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f66981e8c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3480

GET
H3 200 brazil.png
hd.yalla-shoot.video/wp-content/uploads/2022/09/ 5 KB
6 KB 84ms
81ms Image
image/png 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/09/brazil.png
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3ff85e91a2730c94ae37da2fc45473fa3ec6d9eff479e512273b5e0811df6f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 02:12:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4014
etag: "632bc496-1427"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUmScR7q%2FY09Qp6ZXwqKBUekFtTTpY6YGLmXWZIYha8KEnJcU0fozN%2BbAwph0JWsLsIwdXS426dbOlry%2FxoWMUnej2owQjtRrpIwupOWKm34A9MUtxKIQpRCRHKYqX3yvPDSPAE0XUEHyxAo62S049eHZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698208c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5159

GET
H3 200 GettyImages-1245355478-1-1-300x199.jpg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 12 KB
13 KB 84ms
82ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/GettyImages-1245355478-1-1-300x199.jpg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c49c661922cd9dd84609b6185753ac3d8aa7698d1ba32f1361bcb1e7201a9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 00:07:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6566
etag: "63927c56-3045"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxOSuLtateceggiYPoqI7BvO0Ra3qeFRXxq6X%2BuW3AbZJblHeB%2FTmn7oMYejP%2BQrGc4IvZ%2FRWpIDvyld9rxuyB75lguNNU8gAlB6tnOOqurWzGAuhBUxAqf0UQCQXclvxNVMbfKRZI8DS8itma6bYf6ilw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698218c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12357

GET
H3 200 images-2022-12-09T020527.130-300x200.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 8 KB
9 KB 85ms
82ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T020527.130-300x200.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e05945fa59af5efba1f3677d0a60ce92862880fbecd23ad1218e74dbafde6c32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 00:05:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2617
etag: "63927bd1-210d"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD2BihbFKhJMKo0Yr29cP5Scvl5aiJ1qRj4bfKYP0N787kJBe4bc%2BvGUgA5RBMdYFd%2Bj6LkOAeV%2BS0fYkh8WbMrVn4iKfDQvCY%2F0APUrG%2FgTZ8XHHkkLMDcS%2Fg14%2Bam6OouLd2JIBwwyrHLKYffXnhB3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698248c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8461

GET
H3 200 %D8%AA%D9%86%D8%B2%D9%8A%D9%84-2022-12-09T020229.572.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 5 KB
6 KB 85ms
83ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/%D8%AA%D9%86%D8%B2%D9%8A%D9%84-2022-12-09T020229.572.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002788b99b0660f2ad50739959ad902bcda0ef8a9d285618a640b2410757f90b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 00:02:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6566
etag: "63927b23-149c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJI8gI82nKTYFjVYsE9PbsSI6qj6D902tA6BTqT3ed%2FQ%2BsUtha5qHNZuGP7GUQ0upsmGWzvuye3P7%2BmHvpogFsLaL%2F8ydVBrF6JVqjvDbFeulUWD5fXBZ%2F9P%2BUge71AiO6mme9bL0ExO%2FvL%2F0pk%2FryZ2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698278c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5276

GET
H3 200 Cody-Gakpo-Memphis-Depay-770x504.jpg-300x196.webp
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 18 KB
18 KB 86ms
83ms Image
image/webp 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/Cody-Gakpo-Memphis-Depay-770x504.jpg-300x196.webp
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7db454be9e2a6d0ada482a9635bf5100c11d0187fd66055fa91317092a5f7a51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 00:00:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6566
etag: "63927abb-46aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BFHFphN0%2FN5pOR06ATM4ZOJT4zBxvw%2F3X1i%2BxY%2FhMJReEELB2hN60mXDmjTNLniVQmuZvvytWAWIqEj%2Bwx55WYRNS1vYe6OgoXZiV1gx5aHSCy50eHTv7WDuF7qZ7bLzbvrsKNIxeFnoC4KRMlf9PUzFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698298c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18090

GET
H3 200 images-2022-12-09T015842.673-300x143.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 8 KB
9 KB 90ms
87ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T015842.673-300x143.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b421628299862c5c5eb9da20478bf4d59ee3eecc2246af4d021c7f1ec37376

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:58:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2679
etag: "63927a43-2188"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL0rTKPqyVa1B8yvES7Et7cDeYY7ImJc5PPkjrYZIC%2F9w0ZuzxypFS0aawKDFCr9QT%2FZmssiTxZ%2FjbTXQoMgg1OXJkc9vXbzk390wK%2BM%2Fd3eF1sJmRH2id1BoeZeixZpQNgnsvJYt9q%2F4e6wSYx3iM8zhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f66982c8c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8584

GET
H3 200 images-2022-12-09T015649.635-300x205.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 12 KB
13 KB 96ms
94ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T015649.635-300x205.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db685238c8f8cc0fd135cb631b17c107c86584f43f829cf4ac70a88ab8bfa225

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2615
etag: "639279c7-301d"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BEq102DYBN62kVjdzJPEqDGVLVO3oI2iFyWkxOR4d6VdH82h4x9wM3EBtyuM8kKuE%2Buqhwl0X5TMkNO9sYXkVaZ%2BAE4AlT1ZVk9OE5AqywTnE44hY4Nh1rKoEFavwnFR5q1NmroQpv2jLne3d2n4UiUag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698308c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12317

GET
H3 200 images-2022-12-09T015218.731-300x181.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 11 KB
11 KB 100ms
98ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T015218.731-300x181.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d071bfb3dc742c5936c348ba5a6f219f2b752649b9091301a6e3155a31e15c58

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2615
etag: "639278be-2beb"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUE1dTfsx7nshf94n1WHrWJPeBNp0XqInnA2qF5ufXkPbv5xI6sJB80PMW6Kdd%2Fi%2Fou93JYCBZebk4EGeJgHFvNaYfobVZU1bHgW510XF9JYKwBmV2%2FRvUsulX4ygp%2BS%2BGa01IUp1KeV3fbHP2TjH1yI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f66985c8c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11243

GET
H3 200 images-2022-12-09T014947.832-300x168.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 10 KB
10 KB 104ms
102ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T014947.832-300x168.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceca04485257de474dc33a0955249877beaad0fe3888c6f3069046cf6097113

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:50:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2615
etag: "6392782b-274d"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq%2FMgt%2BDjnESvqo16ef56UuXzqcbTQWBCeVvnNiH%2FHMkChO8wdbawuiPNHSLHKOSpnmu2Rhs%2BHHLo8wwxkT4UF5VpV107PnRVfcg5Af8k9oaSKLfUeN9MTSO62dAE%2BKnpXB2p3YMmYLAjiOKVWIZ52kfhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698678c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10061

GET
H3 200 images-2022-12-09T014551.028-300x200.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 12 KB
12 KB 106ms
103ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T014551.028-300x200.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453b389160af06a7d670d477fcb9428cb866ea10d02236f8b89e46b9d6040b9a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:46:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2615
etag: "6392773e-2f15"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cye16Ib4DJIUBK9WxiVs6DjEBcD%2FbKbgsx3BD2hhIiezMl7miQQd3uwOuxNjIwFe7aP%2BL2wDLWhd41yn%2B%2FewD2g7xPDpFSSb1m7PIwJUxHMTdFESh1InzxUaMlXGOqOjfhn9KeB%2FEXFCtMzRSwki25TVLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f66986d8c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12053

GET
H3 200 images-2022-12-08T014043.554-300x158.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 10 KB
10 KB 108ms
106ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-08T014043.554-300x158.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb790408786a00519f3a3f500397d5eff67e322c1bb0acd00bf19060009f739

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:42:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2100
etag: "63927669-2754"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM4kCRTspiXjAdUIPpw140%2B85UHx6J3cDBmSdfOemHJWzyIsD3OLHm3CJawsvadEQ9gLxdIw%2BzkAapfwDE3AZlWiAdDZepvAqId6gRTJjgMfx%2B%2BJpSVitSOXFEFOQX4wSj8aZRX%2B8rCXfiEg9SP6sKJR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698738c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10068

GET
H3 200 Kloppppppp-Tuchellllll-770x502.jpg-1-300x196.webp
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 7 KB
8 KB 109ms
107ms Image
image/webp 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/Kloppppppp-Tuchellllll-770x502.jpg-1-300x196.webp
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2476448bd3ab711a60c9daf21d2c192358b5f86d06f939daa693b294182217c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1965
etag: "639275e2-1d58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zQ1XELJfXLXB0bJNSxkLS58e83wa0PVMXf1yuwbEb1LDFA8v2mOLoGQ3t8o6MWFfpiuUbTuMEGzcRCPbLrrXmbQXVlXYr8lE4SGiuhJj6CxPVTprUYdXvEiukd2cIBoHpXRfF1L%2FZgui14vF0AhBcZXjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698748c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7512

GET
H3 200 images-2022-12-09T013742.561-300x169.jpeg
hd.yalla-shoot.video/wp-content/uploads/2022/12/ 16 KB
16 KB 118ms
116ms Image
image/jpeg 2606:4700:3038::6815:ea86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.yalla-shoot.video/wp-content/uploads/2022/12/images-2022-12-09T013742.561-300x169.jpeg
Requested by: Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c04201ac2b83e7b67fac179eb93fd469e4f433344a267be583fcd71f9f2fb8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 23:38:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1965
etag: "63927563-3e4d"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXB9kFZOwpS%2BvaWOibPII%2FgxvVXCd5iW%2FlIA1yhidss%2FTtCmjAQUPt5dwS8%2FpXDs2Mdats3mDaaSqsABcr6NbLiXPojE1MeqVpcri3LS8KEE7VWV8ys3we12pFMwwTzlTzwHiwwXsEgMN4Fbv2n05jVUbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 776f4f6698768c0b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15949

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 16:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1666
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 09 Dec 2022 18:34:58 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 356 KB
117 KB 107ms
65ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5718038576987738

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe75bce48dc7665147c3620302c363f8dba3ff92d878d1028917c3aec5f9dd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119772
x-xss-protection: 0
server: cafe
etag: 12319788149643388804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 17:02:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame E9B3 10 KB
5 KB 72ms
19ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5718038576987738

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 16:42:18 GMT
etag: 10353107486223812946
expires: Fri, 23 Dec 2022 16:42:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 77ms
34ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1995322343&t=pageview&_s=1&dl=https%3A%2F%2Fhd.yalla-shoot.video%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%7C%20Yalla%20Shoot%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AC%D9%88%D8%A7%D9%84%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=257250199&gjid=1126035573&cid=959399767.1670605364&tid=UA-107335079-2&_gid=1008645250.1670605364&_r=1&gtm=2oubu0&z=877427136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.yalla-shoot.video/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hd.yalla-shoot.video
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
702 B 119ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hd.yalla-shoot.video&callback=_gfp_s_&client=ca-pub-5718038576987738&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b931c4a10ef4b3ba7142877b5790d37850e0cd2978c74c1dcd9dbdde66fb01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 147ms
40ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=hd.yalla-shoot.video

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 90ms
38ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.video

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEA7 275 KB
70 KB 982ms
936ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&adk=1812271804&adf=3025194257&lmt=1670605364&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364422&bpp=8&bdt=268&idt=169&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6588423047209&frm=20&pv=2&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f92a4308e7f3094808a7043875354d582df68fac6ed66d29ed8eb0f3ef44853d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 71317
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:45 GMT
expires: Fri, 09 Dec 2022 17:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 887F 93 KB
33 KB 606ms
568ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=3843712019&adk=2969204344&adf=54630664&pi=t.ma~as.3843712019&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364430&bpp=2&bdt=275&idt=187&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Egu1hu3oQ&p=https%3A//hd.yalla-shoot.video&dtd=193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4cb909b8a941dec7656e5200e202ba7f5102d12186931f8b0d39cc7019ea8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:45 GMT
expires: Fri, 09 Dec 2022 17:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3270 93 KB
32 KB 622ms
609ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=2800139374&adk=200902044&adf=3867674493&pi=t.ma~as.2800139374&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364432&bpp=1&bdt=277&idt=197&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3XWFBzUnIt&p=https%3A//hd.yalla-shoot.video&dtd=201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43709607e543c11cf8d4f6ea8ae6bf8d1f6f0af425157f43075509a76d6cc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33154
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:45 GMT
expires: Fri, 09 Dec 2022 17:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 887F 8 KB
1 KB 88ms
37ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=3843712019&adk=2969204344&adf=54630664&pi=t.ma~as.3843712019&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364430&bpp=2&bdt=275&idt=187&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Egu1hu3oQ&p=https%3A//hd.yalla-shoot.video&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 887F 2 KB
799 B 103ms
51ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 887F 0
0 92ms
92ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0wGENGqTY7GKLNCX998PxbCGsA2T3dnUbdLM8PzmEOK8nejCMxABINXSpI8BYP3oooHwA6AByq2E7wLIAQmpAmNZHn3pEl0-qAMByAPLBKoE2gFP0JkAk4xQpegKVXW_j83h5gp1VA8FD8s7n-UIon_CK7v7nxUu_1spE5zsE2brhusqGEN15q1gekmAREqGYvXs-YWe6uNviIVMrWkrQGy3GTodj1yptJVrm7goSPFCZrEMTB31tounDaHP1hpxqlYNov8ZWB_mcLY-6fnD_ocmJ5AEcuW9ljFk5WhIydFbLV61R-dTZsUoLqlF7cKQcxRhnodjiGW0v83tGlZyoPHbp2nfZpbszRXni26aaCqvjWnn-k_HZnWleOdQ8fZz9xPzXitJJdS1lv-JKsAEwqH2jP0DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB57S-5ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqoUK0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU3MTgwMzg1NzY5ODc3MzgYAA&sigh=uX2DLf2rhG4&uach_m=[UACH]&cid=CAQSGwDq26N9mLQ3hceIoT1rvbTY47-Lxad8-sr5xRgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=3843712019&adk=2969204344&adf=54630664&pi=t.ma~as.3843712019&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364430&bpp=2&bdt=275&idt=187&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Egu1hu3oQ&p=https%3A//hd.yalla-shoot.video&dtd=193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 17:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 887F 23 KB
10 KB 65ms
22ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 887F 3 KB
1 KB 87ms
44ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 887F 18 KB
7 KB 70ms
28ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 887F 153 KB
47 KB 144ms
92ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 887F 34 KB
14 KB 72ms
20ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:11:25 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1442903451922021672/ Frame 887F 10 KB
11 KB 83ms
47ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1442903451922021672/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6faa70fde346b9798893d9527545fdac31bab690d499b29d12d1144984c6d757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:25:49 GMT
x-content-type-options: nosniff
age: 340616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10713
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 12:36:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 18:25:49 GMT

GET
DATA 200
OK truncated
/ Frame 887F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 887F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 3270 8 KB
968 B 59ms
52ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=2800139374&adk=200902044&adf=3867674493&pi=t.ma~as.2800139374&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364432&bpp=1&bdt=277&idt=197&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3XWFBzUnIt&p=https%3A//hd.yalla-shoot.video&dtd=201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:32:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 3270 2 KB
818 B 54ms
45ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 3270 23 KB
9 KB 49ms
41ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 3270 3 KB
1 KB 49ms
46ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 3270 18 KB
7 KB 32ms
25ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3270 153 KB
47 KB 115ms
96ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 3270 34 KB
14 KB 39ms
25ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:11:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3270 0
0 92ms
91ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co11vNGqTY8j0K9_K998P3LevmAr9_ujqbILNtrf0D8O078LFNBABINXSpI8BYP3oooHwA6AB6vSZsSjIAQmoAwHIA8sEqgTZAU_QLLO4jvYXdPNXxljeA4KIXEslLzfIp-0Sn2ufaujCBH8p70OO1lyyP7G1Ikf1KaBdu5CqNfUEVN7QU-1K10vrRz1FFMQTmucMAsfimzWikfLZg5lZXE_V5TDtRpKGI9aonTjKuz_e9JXw1NkLKpY2EA1A6QjiVYAy0WpuvUi76xMY7PE7fKuimsntZvTsFw3E7faLKaCn-kvah4P_8jCeBmV85NbXc_zZqcpxAlOxQZ-R7ICpNPtiZsCxQMHh9eLZhZdKRwFKQr3FIk9WnAa46gWgCHrOsfLABJ3d8-CEBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqrOqQA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEK6dC9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01NzE4MDM4NTc2OTg3NzM4GAA&sigh=vLtR_BIvB8A&uach_m=[UACH]&cid=CAQSGwDq26N96463anUPJYOHc6hv91P5KdfCrvEczBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&slotname=2800139374&adk=200902044&adf=3867674493&pi=t.ma~as.2800139374&w=1000&fwrn=4&fwrnh=100&lmt=1670605364&rafmt=1&format=1000x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605364432&bpp=1&bdt=277&idt=197&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3XWFBzUnIt&p=https%3A//hd.yalla-shoot.video&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 17:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7555031217684409806/ Frame 3270 25 KB
25 KB 50ms
49ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7555031217684409806/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e29eb4bbc766231e3ffe0b9332bf7698c7b07fb9a427bb9ffcdba5458daf923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:27:37 GMT
x-content-type-options: nosniff
age: 138908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25714
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 13:26:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Dec 2023 02:27:37 GMT

GET
DATA 200
OK truncated
/ Frame 3270 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3270 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 887F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33342371c4a03d96498f5e463e05b9417be4519c720c60f98c39dcb10be6cdcb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3270 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb0d8b26e679e05abec01eea2ac2ec0030824144f3dccb51542ef55b02eb0c2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 887F 28 KB
28 KB 73ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 160089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:34:36 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3270 28 KB
28 KB 75ms
40ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 160089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:34:36 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2944 36 KB
16 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:10:56 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9660 36 KB
16 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:10:56 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 150 KB
51 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5e49c673600ce2445b376d60ce36dc8dcffbaf2685775b8eb5b1539401fd5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52354
x-xss-protection: 0
server: cafe
etag: 2449799273573591401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H3 200 css2
fonts.googleapis.com/ 606 B
388 B 79ms
36ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 17:02:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 81ms
80ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-5718038576987738&c=8&e=44778768&h=hd.yalla-shoot.video&ld=ar&lx=ar&m=0&n=0&o=a&p=65&t=0&w=637&x=3

Requested by

Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 86ms
40ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=hd.yalla-shoot.video

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 86ms
43ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hd.yalla-shoot.video

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55DD 96 KB
34 KB 423ms
420ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.2771321384~rp.1&daaos=1670597699128&w=1200&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=1200x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1600&idt=-M&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280&nras=2&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YTaAme74UL&p=https%3A//hd.yalla-shoot.video&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03fea9f9c0f7bc9ad99dff656a2add7715d7c5c663889129228f484053e1d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00E6 85 KB
32 KB 512ms
512ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=90&adk=1880462344&adf=2627832492&pi=t.aa~a.785149281~rp.4&daaos=1670597699128&w=976&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=976x90&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1601&idt=0&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280%2C1200x280&nras=3&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=312&ady=2475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PehaMPBXLZ&p=https%3A//hd.yalla-shoot.video&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a90c4507b592beeaf7411e02172d1383cefc8c3c709641d70445f59a13466c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33019
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame A48A 10 KB
4 KB 22ms
21ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 79464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 18:58:21 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 18:58:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame C8C2 10 KB
4 KB 21ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 79464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 18:58:21 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 18:58:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 124ms
81ms Fetch
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hd.yalla-shoot.video/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame A48A 4 KB
636 B 36ms
36ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:27:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A48A 205 B
229 B 64ms
22ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:24:20 GMT
x-content-type-options: nosniff
age: 275905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 06 Dec 2023 12:24:20 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A48A 604 B
628 B 64ms
23ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:46:07 GMT
x-content-type-options: nosniff
age: 245798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 06 Dec 2023 20:46:07 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame A48A 19 KB
8 KB 72ms
25ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:12:01 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 49 KB
11 KB 75ms
45ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Requested by

Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3867384a36384899310aa356ff5a1e9e7105c73a916ba557953284b4f77c3292

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:45 GMT
expires: Sat, 09 Dec 2023 17:02:45 GMT
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8C2 0
0 99ms
99ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0-6vNGqTY5OELOXL998Poty_iAnPyrStbezXq86ODdrZHhABINXSpI8BYP3oooHwA6AB-PzDlgLIAQmpAqVkdcPKpqg-qAMByANIqgTZAU_QblzFlGIVdE56R0KHk_HqIttZh7mHdWQgZNXqortpRQJh5TE0tXg2DqjHITLHOKcqBTzT1baksuxpqHsx4NHyYDHs-iHxqAyqNee-_D4jCi1rG2QsipYP3AW_zBb0U_r73nsIamD9HEwz87X_Oa8zpgVH1blYiPeUZ86Uk3gJJ9XoY4oU2Z88-cD385DkYDaRdlHQlL0DHN-nAkQN26Oloq8NjZ2OvgC0HG1lRjv2_3TK3CjbzjHTB75Dhpqy83A1OLzs2PfEkd_Fm2jbASVYjh-JYHsYfGHABP20lpK1A5IFBAgEGAGSBQQIBRgEoAYugAfwgrzpAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELn3DdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NzE4MDM4NTc2OTg3NzM4GAA&sigh=ZXANzEXeeEE&uach_m=[UACH]&cid=CAQSGwDq26N9mIW2hFQH4ukOj0ZX8nka8t0ilR95BBgBIBM&template_id=419

Requested by

Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 17:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame C8C2 23 KB
9 KB 48ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 196F 8 KB
895 B 37ms
36ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:34:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 196F 2 KB
765 B 22ms
22ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 196F 23 KB
9 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 196F 3 KB
1 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 196F 18 KB
7 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 196F 153 KB
47 KB 83ms
38ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:45 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 196F 34 KB
14 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:11:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DBE 143 B
166 B 21ms
19ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 16:17:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C8C2 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame C8C2 18 KB
7 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1731 143 B
166 B 21ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 16:17:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E321 6 KB
3 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Dec 2022 01:15:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E321 34 KB
13 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 03:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Dec 2022 03:02:37 GMT

GET
H3 200 bonjours.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 4 KB
4 KB 36ms
35ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/bonjours.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34bd64e8a8c3cedae7398632b995eabe551572b5d6c1e56f7907ae7210050768

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:45 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4353
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:45 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 5 KB
5 KB 61ms
61ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195e3cc6b14dd71d5c620a60c42d5c562490b178725573edea6060d39810eefc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5510
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:46 GMT

GET
H3 200 axe_1line_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 2 KB
2 KB 38ms
37ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/axe_1line_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82ea07b54b25b722ff366af2d1907a0646825804c9a3cc9978a28b1de421e627

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:45 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:45 GMT

GET
H3 200 texte2_1ligne_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 3 KB
3 KB 57ms
56ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/texte2_1ligne_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9d0294636899f1c501eefb78052f3116580cfa811f5552659cad64c82030877

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2595
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:46 GMT

GET
H3 200 cta_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 2 KB
2 KB 40ms
39ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/cta_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e730c9e39509774545c5bc9e5b24aa6130c0f2611a0d125e40a1e888fe6385

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2248
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:46 GMT

GET
H3 200 photo.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 46 KB
46 KB 60ms
59ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/photo.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cb4703cea4cf5334fdcd6f36514d1b70bc9774dcc094763c0566bf707d348b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46940
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:46 GMT

GET
H3 200 texte_rev_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/ Frame E321 4 KB
4 KB 57ms
56ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/texte_rev_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f9c62ffe2b5123be77183ea0ad924f8d0b38d6e1f96206b4716b9139e55cd9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4284
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 01:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 17:02:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8C2 153 KB
47 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:46 GMT

GET
DATA 200
OK truncated
/ Frame C8C2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69bb08337dc0b0475f6dff4963656fa109a2d1952fee2aef40ee97ce6706c77a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DBE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
expires: Fri, 09 Dec 2022 17:02:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1731
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
expires: Fri, 09 Dec 2022 17:02:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame E321 36 KB
16 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:10:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 55DD 8 KB
895 B 37ms
36ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.2771321384~rp.1&daaos=1670597699128&w=1200&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=1200x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1600&idt=-M&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280&nras=2&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YTaAme74UL&p=https%3A//hd.yalla-shoot.video&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:24:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 55DD 2 KB
765 B 22ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 55DD 23 KB
9 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 55DD 3 KB
1 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 55DD 18 KB
7 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 55DD 0
0 85ms
38ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyXxVH0VG0MI0QoTBXo2zXYPE-ZT151IkGdOCQEyKmwzKm0dh0XYXehQFhboV8VFtvMZ3-7Ne_x87eOiU-Xn-rH3IRvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.2771321384~rp.1&daaos=1670597699128&w=1200&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=1200x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1600&idt=-M&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280&nras=2&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YTaAme74UL&p=https%3A//hd.yalla-shoot.video&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55DD 153 KB
47 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:46 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 55DD 34 KB
14 KB 22ms
20ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:11:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55DD 0
0 91ms
90ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUzRQNWqTY8fmMtzM998Pzc6lwAL9_ujqbILNtrf0D8O078LFNBABINXSpI8BYP3oooHwA6AB6vSZsSjIAQmoAwHIA8sEqgTTAU_QGR_r_N4IRfkUsvF_iK24GFdZ2I760Raysi6rznXDqCPxG0eefTQ0-uKmiZVhe_rS5UAHZ3jmb9ubujVDpYKfOz5PxUJyOc2ylkEg4GJ007M9Jo4Pkutf1thDTLXhF5PvfcYjUZGs4945bkgI5mSOKdcmGfdChFdkGZIEq696u1VIjIhkvMxb6dq-YiNHC8bLupcGvYcSfpLmp62JF9GvSrXmVN8U4LwCFXeCNtCr-FF-O22V9jZnXAlv7vXnSd7WBnbu4F1onh6ZjUMw0s0HNX3ABJ3d8-CEBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqrOqQA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL3tA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01NzE4MDM4NTc2OTg3NzM4GAA&sigh=z_yIgzsbeX4&uach_m=[UACH]&cid=CAQSOwDq26N9vT4K_9dWHML_Gkwp3qySEJCdblhq2p-a9z-lTmCVR-GvfJvArCSqjUbtMp-VDVnz7tAtHRNXGAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.2771321384~rp.1&daaos=1670597699128&w=1200&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=1200x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1600&idt=-M&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280&nras=2&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YTaAme74UL&p=https%3A//hd.yalla-shoot.video&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7555031217684409806/ Frame 55DD 25 KB
25 KB 23ms
23ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7555031217684409806/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e29eb4bbc766231e3ffe0b9332bf7698c7b07fb9a427bb9ffcdba5458daf923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:27:37 GMT
x-content-type-options: nosniff
age: 138909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25714
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 13:26:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Dec 2023 02:27:37 GMT

GET
DATA 200
OK truncated
/ Frame 55DD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55DD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A885 1 KB
643 B 21ms
20ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 73846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 20:32:00 GMT
etag: 48472445140208031
expires: Fri, 09 Dec 2022 20:32:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 55DD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 267157029a6d493bdb47edf14e87ca6913f56bc75d014953f2e25651a79d447e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame A885 35 B
464 B 97ms
26ms Image
image/gif 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOIWsLPXUNl8F26WD2uDlqw&google_cver=1&google_push=ASkJ3FbYG6CbuteKtL5EGLt0jAvFr4QMKVaIzrf9xkbxB4piH5i0PfQhNX22oaOT3i7K-OWUZjdO1sC3gXpFFXa8BYwL7_BfNtdz1uLQi4p9sooAKftZFvVUMexZwV-BKdcRiHTwSvCzZOEPUCRQYFhvruQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A885
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ4OnD5rkHQj0p7_JSXCOXS7r6AzlmokL_vimOsUnYJYaS4fIxwzN4IqrwSeSOIqo_-xkg5orZ34TEEr4zecqpseOIsoHgz-eo03BEfrBNH9RVU5rlO70nneCCfLId_uEonCgM8lQa...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLbUzZwGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVNrSjNGWjRPbkQ1cmtIUWowcDdfSlNYQ09YUzdyNkF6bG1va0xfdmltT3NVbllKWWFTNGZJeHd6TjRJcXJ3U2VTT0lxb18teGtnNW9yWjM0VEVFcj...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwelRCeDlSZ0RJNHhYSE1xbHA0aXZoV1BiMjFLazZSLWVLdTlSRWkxb3NsWQ==&google_push

170 B
188 B

39ms
38ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwelRCeDlSZ0RJNHhYSE1xbHA0aXZoV1BiMjFLazZSLWVLdTlSRWkxb3NsWQ==&google_push

Requested by

Host: hd.yalla-shoot.video
URL: https://hd.yalla-shoot.video/

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 09 Dec 2022 17:02:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwelRCeDlSZ0RJNHhYSE1xbHA0aXZoV1BiMjFLazZSLWVLdTlSRWkxb3NsWQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A885
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELNqWO7caRXCBBqvdu9H0H4&google_cver=1&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruO...
https://rtb.openx.net/sync/dds?google_gid=CAESELNqWO7caRXCBBqvdu9H0H4&google_cver=1&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruO...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruOWF5uVbsv-pVk17n7eiiMBkvtQvbcYFDTC...

170 B
188 B

84ms
39ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruOWF5uVbsv-pVk17n7eiiMBkvtQvbcYFDTC--Kw0TypR-NVV1eThy3Cs&google_hm=glcXdFsTxHY3aKBKAK6LUg==

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3Fbeog0wkybCTNcUGd_nMgH2WDc53rQGUQ8Z2IfCIZS6me-k5jkWPCTGgERNkxVfQePJ6pHxsNRlQYHlW3_NgYOuvs1LdBruOWF5uVbsv-pVk17n7eiiMBkvtQvbcYFDTC--Kw0TypR-NVV1eThy3Cs&google_hm=glcXdFsTxHY3aKBKAK6LUg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 9hq7i7rlf23dm32mbu2ao9k5bk4un872

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A885
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAU2wtOqcMEMieHkTSYQ9X8&google_cver=1&google_push=ASkJ3Fa6T1qMRU5judy7JNbucooYC6yGAB0iWdxHQlqGJ_utmH7qlv1gyHC9fCKeWZ82QAMvQvl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTFktMjQtSlhaQw==&google_push=ASkJ3Fa6T1qMRU5judy7JNbucooYC6yGAB0iWdxHQlqGJ_utmH7qlv1gyHC9fCKeWZ82QAMvQvlU_T4eQ1b25LOiTW1XdRgrt3jSY...

170 B
188 B

49ms
42ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTFktMjQtSlhaQw==&google_push=ASkJ3Fa6T1qMRU5judy7JNbucooYC6yGAB0iWdxHQlqGJ_utmH7qlv1gyHC9fCKeWZ82QAMvQvlU_T4eQ1b25LOiTW1XdRgrt3jSYIcHlPTBiBnXEseQ91Qbn0sxw54FrpfKcCMh7kQ_VS1--Q4BLDfMmks

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTFktMjQtSlhaQw==&google_push=ASkJ3Fa6T1qMRU5judy7JNbucooYC6yGAB0iWdxHQlqGJ_utmH7qlv1gyHC9fCKeWZ82QAMvQvlU_T4eQ1b25LOiTW1XdRgrt3jSYIcHlPTBiBnXEseQ91Qbn0sxw54FrpfKcCMh7kQ_VS1--Q4BLDfMmks
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame A885 43 B
296 B 553ms
34ms Image
image/gif 2600:1f16:b8a:8e01:1ac2:27d:73ba:66ff
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDFVdxSJCXcOWuMPWgGglzk&google_cver=1&google_push=ASkJ3Fb41VVFpMkXI2Rqllpv4BK9f2Kc3CBVc_4fjbM6woQvFURGR7ilMMxUatw8ZDjrB9_Me_ro6RUoUXovEHDI9buQ1dJdOZ-SxoJbk3iJ4DBAgZIDb04Zkj1wlpLLMzbUGHTAGLtb9FML2l5ZKDjQJzI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.2771321384~rp.1&daaos=1670597699128&w=1200&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=1200x280&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1600&idt=-M&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280&nras=2&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YTaAme74UL&p=https%3A//hd.yalla-shoot.video&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:b8a:8e01:1ac2:27d:73ba:66ff Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A885
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEAlXv6Dh_aOBzjj0SDQ54NY&google_cver=1&google_push=ASkJ3Fam9o9BsQTSzIyPAM6ZNLaI8NaMRW3n78qvGxGOylS8PznetaKr4othUeeHtl29M0UKAhKS9nQzgW7WdCr7KwP9QyH8d4B4W...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fam9o9BsQTSzIyPAM6ZNLaI8NaMRW3n78qvGxGOylS8PznetaKr4othUeeHtl29M0UKAhKS9nQzgW7WdCr7KwP9QyH8d4B4Wig77VBBg_uu_k95gefTRBlg_FKdeq...

170 B
188 B

70ms
38ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fam9o9BsQTSzIyPAM6ZNLaI8NaMRW3n78qvGxGOylS8PznetaKr4othUeeHtl29M0UKAhKS9nQzgW7WdCr7KwP9QyH8d4B4Wig77VBBg_uu_k95gefTRBlg_FKdeq1gt26fOmSSZRZ5z7ZsIRjXzI0&google_hm=8a1a8e490dfb729065a6f216d426fdd7

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fam9o9BsQTSzIyPAM6ZNLaI8NaMRW3n78qvGxGOylS8PznetaKr4othUeeHtl29M0UKAhKS9nQzgW7WdCr7KwP9QyH8d4B4Wig77VBBg_uu_k95gefTRBlg_FKdeq1gt26fOmSSZRZ5z7ZsIRjXzI0&google_hm=8a1a8e490dfb729065a6f216d426fdd7
date: Fri, 09 Dec 2022 17:02:46 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame A885 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A885 0
232 B 96ms
36ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KvtiOAIVoBf_r5-TMU87_11sfjSkkRUi9CGMFMIaHqORKBx9T4CCbf5wnrB78iMkzvhYyQEQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 00E6 4 KB
621 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=90&adk=1880462344&adf=2627832492&pi=t.aa~a.785149281~rp.4&daaos=1670597699128&w=976&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=976x90&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1601&idt=0&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280%2C1200x280&nras=3&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=312&ady=2475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PehaMPBXLZ&p=https%3A//hd.yalla-shoot.video&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 17:02:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 00E6 2 KB
765 B 22ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 00E6 23 KB
9 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 00E6 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 00E6 18 KB
7 KB 25ms
23ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 20:31:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 00E6 0
0 41ms
40ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQt3ABoyiRoNSkHAefhZHa1qRFy4sTpXfZMd92QKsMQpWMeyiV3AGvqc-Dbt6xB4hooE6AHNPHwo1zY8SBMXAEO0JQHpw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=90&adk=1880462344&adf=2627832492&pi=t.aa~a.785149281~rp.4&daaos=1670597699128&w=976&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=976x90&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1601&idt=0&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280%2C1200x280&nras=3&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=312&ady=2475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PehaMPBXLZ&p=https%3A//hd.yalla-shoot.video&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00E6 153 KB
47 KB 37ms
37ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:46 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 00E6 34 KB
14 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:11:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 00E6 0
0 94ms
94ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE-TfNWqTY8TrMv6o998Pz-mg2Az9_ujqbKrNtrf0D8O078LFNBABINXSpI8BYP3oooHwA6AB6vSZsSjIAQmoAwHIA8sEqgTRAU_Q-bcZFk76Md3bWJPAmvx3CDGMIiPc1AoVNVvbTnNSWi4lWCoHKTFUfzC5K-mApzACIlE4SloEzxuUOevHkPJjRByyuwQZtZcgexuC_g5wLUDeeddyhB_b4A8vJJUrc_Crh4UCi3RIBpXOILU1WDJr7edjVuGzPWUzXflJgrMBmHKdLzkJAoBlGauPkqdJwrfZn_amZBL3_qZDxj8HGCtMtPIv7F4-IUtlU2nu_GNQlKcL8l_iQw3xJRuUUCjmU39wpv0yt8S0v6RaME0WTGs1wASd3fPghASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH6qzqkAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCdpQHSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTU3MTgwMzg1NzY5ODc3MzgYAA&sigh=STiiEBYrFtk&uach_m=[UACH]&cid=CAQSOwDq26N9ED6JSpdrYQ4VsfWKsbOHS_tOFEpWCIS7KLeE1G8HiBZ5w4JCqsfQfmAbPpFtDZORNyo7YeQLGAEgEw&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5718038576987738&output=html&h=90&adk=1880462344&adf=2627832492&pi=t.aa~a.785149281~rp.4&daaos=1670597699128&w=976&fwrn=4&fwrnh=100&lmt=1670605365&rafmt=1&to=qs&pwprc=9114103554&format=976x90&url=https%3A%2F%2Fhd.yalla-shoot.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670605365755&bpp=1&bdt=1601&idt=0&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51d3b704864c1917-22966f63edd80024%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA&gpic=UID%3D000008c89a976a7e%3AT%3D1670605364%3ART%3D1670605364%3AS%3DALNI_MYqSlObEUZQ1YYXthaHz368-HohJw&prev_fmts=0x0%2C1000x280%2C1000x280%2C1200x280&nras=3&correlator=6588423047209&frm=20&pv=1&ga_vid=959399767.1670605364&ga_sid=1670605365&ga_hid=1995322343&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=312&ady=2475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44777949%2C44779794%2C44778768&oid=2&psts=AMjMPc1Em7cyjRgx6iieBt7n6stE5e3IfmKdLMOEd8F04aAzSr3t_I3b32TUgWQPxd0kBI7zI8knOCvkwGFBOGLh%2CAMjMPc0SWs0t3aUqUJRlbnI4jtYsyhUtJ7dNq6DcjUMWemU1b2I6fEEivDf2FCyHIrqHpH7wU-xWGfLZ1j-E6GSOUA&pvsid=3576994163935847&tmod=1002225524&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PehaMPBXLZ&p=https%3A//hd.yalla-shoot.video&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/7555031217684409806/ Frame 00E6 35 KB
35 KB 23ms
22ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7555031217684409806/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2786084d2c1d2b4e51ad14079260d86e1bc63039bcd9228e1baca67e00371735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 11:07:03 GMT
x-content-type-options: nosniff
age: 280543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36017
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 13:47:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Dec 2023 11:07:03 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2769506593453177513/ Frame 00E6 3 KB
3 KB 21ms
20ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2769506593453177513/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89fc843e2f8f3c92775ce246c90a4c31cae7d8535700362598cefa6cae2f6431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:52:49 GMT
x-content-type-options: nosniff
age: 227397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3477
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:05:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Dec 2023 01:52:49 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 55DD 28 KB
28 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 160090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:34:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B636 1 KB
643 B 21ms
20ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 73846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 20:32:00 GMT
etag: 48472445140208031
expires: Fri, 09 Dec 2022 20:32:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 00E6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94ad01308fd7444a7c29f16334ec6d8a872fc5266d9edca4967a6537499b030b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOIWsLPXUNl8F26WD2uDlqw&google_cver=1&google_push=ASkJ3FZ_58tLoB_qzCCmIzdzUMrjZB8odQKYjwwL5AyVGYeflAdXw7AW1u...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZ_58tLoB_qzCCmIzdzUMrjZB8odQKYjwwL5AyVGYeflAdXw7AW1uJDD4p70uUWI_ASHWSrX3fs_ReV6Ip_X1-laOrRb0pV53LxnQOoNw8-IGqoj...

170 B
188 B

40ms
38ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZ_58tLoB_qzCCmIzdzUMrjZB8odQKYjwwL5AyVGYeflAdXw7AW1uJDD4p70uUWI_ASHWSrX3fs_ReV6Ip_X1-laOrRb0pV53LxnQOoNw8-IGqojtt4cfcBiPuh6SD_h1fiC3RK3r-ltxfqIw8sCQ&google_hm=1LCkgvcsUxFP52NeJENNCA

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZ_58tLoB_qzCCmIzdzUMrjZB8odQKYjwwL5AyVGYeflAdXw7AW1uJDD4p70uUWI_ASHWSrX3fs_ReV6Ip_X1-laOrRb0pV53LxnQOoNw8-IGqojtt4cfcBiPuh6SD_h1fiC3RK3r-ltxfqIw8sCQ&google_hm=1LCkgvcsUxFP52NeJENNCA
pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESECEAZtRzGQgfdBNEKfHOl8o&google_cver=1&google_push=ASkJ3FamiPdfTio3aUYRuZpcp5M41UpKuVH6YnQCUXUBqddW20pIpvcmf2vXvQhfO4BEPcdW8mM-Qn2Ce1PLt_a...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aAxz80xPkesLNdzxUl4fkQ&tap=gAds&google_gid=CAESECEAZtRzGQgfdBNEKfHOl8o&google_cver=1&google_push=ASkJ3FamiPdfTio3aUYRuZpcp5M41UpKuVH6...

170 B
188 B

38ms
38ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aAxz80xPkesLNdzxUl4fkQ&tap=gAds&google_gid=CAESECEAZtRzGQgfdBNEKfHOl8o&google_cver=1&google_push=ASkJ3FamiPdfTio3aUYRuZpcp5M41UpKuVH6YnQCUXUBqddW20pIpvcmf2vXvQhfO4BEPcdW8mM-Qn2Ce1PLt_as8lfE1qMMMREd3wcc4R2m0shwrsEdyNDJsHWvSjYWjcOikZnmmooD2J_Fu8jwvzaazRA

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
date: Fri, 09 Dec 2022 17:05:11 GMT
last-modified: Tue, 11 Oct 2022 18:05:29 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aAxz80xPkesLNdzxUl4fkQ&tap=gAds&google_gid=CAESECEAZtRzGQgfdBNEKfHOl8o&google_cver=1&google_push=ASkJ3FamiPdfTio3aUYRuZpcp5M41UpKuVH6YnQCUXUBqddW20pIpvcmf2vXvQhfO4BEPcdW8mM-Qn2Ce1PLt_as8lfE1qMMMREd3wcc4R2m0shwrsEdyNDJsHWvSjYWjcOikZnmmooD2J_Fu8jwvzaazRA
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELNqWO7caRXCBBqvdu9H0H4&google_cver=1&google_push=ASkJ3FYlmci04zCAYH01Q73QQ9KdJTUcVNaY77BK_GPZKckBKopHWQLkI50J7-SV82vHOeCcXpCJ9fqeX2ywmEnXaNT0v6LPipkfF...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYlmci04zCAYH01Q73QQ9KdJTUcVNaY77BK_GPZKckBKopHWQLkI50J7-SV82vHOeCcXpCJ9fqeX2ywmEnXaNT0v6LPipkfF9LuHPgC-2kcTz8fsN5Hu_TfNQzniWGlZk...

170 B
188 B

39ms
39ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYlmci04zCAYH01Q73QQ9KdJTUcVNaY77BK_GPZKckBKopHWQLkI50J7-SV82vHOeCcXpCJ9fqeX2ywmEnXaNT0v6LPipkfF9LuHPgC-2kcTz8fsN5Hu_TfNQzniWGlZkWusH1PaNZ0CUyUJs4oYfM&google_hm=glcXdFsTxHY3aKBKAK6LUg==

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYlmci04zCAYH01Q73QQ9KdJTUcVNaY77BK_GPZKckBKopHWQLkI50J7-SV82vHOeCcXpCJ9fqeX2ywmEnXaNT0v6LPipkfF9LuHPgC-2kcTz8fsN5Hu_TfNQzniWGlZkWusH1PaNZ0CUyUJs4oYfM&google_hm=glcXdFsTxHY3aKBKAK6LUg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: ravjbnj4tgac1snmaubj8p14e06sab5k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vsuSXZnVTYmhPnDjqYqmUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
39ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vsuSXZnVTYmhPnDjqYqmUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fayj4kleuZ8YMPfsJW0yOLX4W9fBgi3sdqEyus0YrUDTOpolQxlOjyazxiIeUqPReJo3fGSpAkKUWbCItgy3LPGECHS2bphsHbD3m2XmdxiYoxCC86xJXhP9IHA55VEkt9a5-eJ6hLrnNehf5VbleY

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vsuSXZnVTYmhPnDjqYqmUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fayj4kleuZ8YMPfsJW0yOLX4W9fBgi3sdqEyus0YrUDTOpolQxlOjyazxiIeUqPReJo3fGSpAkKUWbCItgy3LPGECHS2bphsHbD3m2XmdxiYoxCC86xJXhP9IHA55VEkt9a5-eJ6hLrnNehf5VbleY
date: Fri, 09 Dec 2022 17:02:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAU2wtOqcMEMieHkTSYQ9X8&google_cver=1&google_push=ASkJ3FZfbsNrcKY88D9MfaH6SOW3JrJ9R0p4Ca0zh7nsrodDVGJp1-h0iD1Nhebmxhl_3vGRc0d...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTjYtRC1BS1o5&google_push=ASkJ3FZfbsNrcKY88D9MfaH6SOW3JrJ9R0p4Ca0zh7nsrodDVGJp1-h0iD1Nhebmxhl_3vGRc0dR2SLLcInQPP9oRuTnzPjoFhyXYq_DI...

170 B
188 B

42ms
38ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTjYtRC1BS1o5&google_push=ASkJ3FZfbsNrcKY88D9MfaH6SOW3JrJ9R0p4Ca0zh7nsrodDVGJp1-h0iD1Nhebmxhl_3vGRc0dR2SLLcInQPP9oRuTnzPjoFhyXYq_DIG2-cXrmR8JerVeXyj88AZQcUXkBZPxdEHhVO541FaZXyVG5KEM

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHUkFVTjYtRC1BS1o5&google_push=ASkJ3FZfbsNrcKY88D9MfaH6SOW3JrJ9R0p4Ca0zh7nsrodDVGJp1-h0iD1Nhebmxhl_3vGRc0dR2SLLcInQPP9oRuTnzPjoFhyXYq_DIG2-cXrmR8JerVeXyj88AZQcUXkBZPxdEHhVO541FaZXyVG5KEM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_hm=Y5NqNqQUhZvFDxn-t5xfKwAAAB8AAAIB&google_nid=index&google_push=ASkJ3FZd6H7EyOGkoP339YFjLj9CGCRupV1Um...

170 B
188 B

43ms
43ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_hm=Y5NqNqQUhZvFDxn-t5xfKwAAAB8AAAIB&google_nid=index&google_push=ASkJ3FZd6H7EyOGkoP339YFjLj9CGCRupV1UmLfEz3Ngn8fmPB-Vw7cEEPAIRyFdNh0LMh7KD9oMi28AwqzdCdUl9g2_8lZ9u1GzFqZSyPcI1LENvUWilKtmNpDAIChWq1XxVWvwTQMnSGGjabrD5--AE9o

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeCULnk9l%2F5qyQ5UxtQeFA%2Fn4tKJ0s8Z1mWXDIOpwppOpCoJsAFC%2BZzfzxOYL0iPp%2BPpYkPPiRtgeD2a9%2BOIQnNTHuMNu2beJLGA7k%2FIvhFCP2YUDWmxg5RddCMh8V1bhfiqgjpEB0PzcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIfX6rfMkJLgAmT6CKHW180&google_hm=Y5NqNqQUhZvFDxn-t5xfKwAAAB8AAAIB&google_nid=index&google_push=ASkJ3FZd6H7EyOGkoP339YFjLj9CGCRupV1UmLfEz3Ngn8fmPB-Vw7cEEPAIRyFdNh0LMh7KD9oMi28AwqzdCdUl9g2_8lZ9u1GzFqZSyPcI1LENvUWilKtmNpDAIChWq1XxVWvwTQMnSGGjabrD5--AE9o
cache-control: no-cache
cf-ray: 776f4f753d07a1ec-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEAlXv6Dh_aOBzjj0SDQ54NY&google_cver=1&google_push=ASkJ3FYp-W5wyFstFF9bsanIeBFL45LgZp-d6wjIg0SSGRv9kcR5jSLWv1DtL26wINHtA2NsZnZU_36MpqK07OyFxxsJ9z_JaQdO0...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYp-W5wyFstFF9bsanIeBFL45LgZp-d6wjIg0SSGRv9kcR5jSLWv1DtL26wINHtA2NsZnZU_36MpqK07OyFxxsJ9z_JaQdO0gIK7xqTjORaX_9OOmdMPCLiJ2G-E0...

170 B
188 B

40ms
38ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYp-W5wyFstFF9bsanIeBFL45LgZp-d6wjIg0SSGRv9kcR5jSLWv1DtL26wINHtA2NsZnZU_36MpqK07OyFxxsJ9z_JaQdO0gIK7xqTjORaX_9OOmdMPCLiJ2G-E0vyQxY9Nm3J3BKWfe1qkWLPsmI&google_hm=8a1a8e490dfb729065a6f216d426fdd7

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYp-W5wyFstFF9bsanIeBFL45LgZp-d6wjIg0SSGRv9kcR5jSLWv1DtL26wINHtA2NsZnZU_36MpqK07OyFxxsJ9z_JaQdO0gIK7xqTjORaX_9OOmdMPCLiJ2G-E0vyQxY9Nm3J3BKWfe1qkWLPsmI&google_hm=8a1a8e490dfb729065a6f216d426fdd7
date: Fri, 09 Dec 2022 17:02:46 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B636 0
12 B 50ms
36ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrNqXo93IauBid0qSGtYdasGLjFmFJfy60Pt3YlbxXxHmPv76o9Hi2fReKzYvcnYNlnLui

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00E6 15 KB
16 KB 22ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 153072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:31:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00E6 15 KB
15 KB 22ms
22ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 13:22:36 GMT
x-content-type-options: nosniff
age: 99610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:22:36 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 487D 36 KB
16 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:10:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 53ms
52ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f4375376c32d9b959bede80243f536ec7d96ef63d8ab7a2e8a09ecdbc1ca75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11183
x-xss-protection: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BC7 36 KB
16 KB 25ms
21ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:10:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 83ms
82ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 17:02:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3270 42 B
64 B 83ms
83ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoGxe_zWDIOmgt8oAeTolwqQnA6CdcxG74MELRxBsakfA-aI2iuske4KX0p4l8wXJusQqM7zZ3qzLuE1xmxfvZp3v-s41kg0owTM72X83SNKcQsU7m1B1VkdESHZSCOfx1G9w&sai=AMfl-YT-RMLvIvcElbzuj3BwGQZGlOO3C_Qp-4lRT4kHRiRGj-g5FsRSszoKopIIpvzFioD8WcqxGZQ5qWPdTbY&sig=Cg0ArKJSzMRWmCcCxqKsEAE&cid=CAQSGwDq26N96463anUPJYOHc6hv91P5KdfCrvEczBgBIBM&id=lidar2&mcvt=1022&p=0,0,280,1000&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=200902044&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670605364635&rpt=900&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 887F 42 B
64 B 83ms
82ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvIM-SIPZ2QQdkfgbsmhuwe2MdzJggwoQ4-nncN5uOH3W3KTCkHzIhyojE_A-ZT-gOpqIksFwwRDbava1TqhtQIFg2qbAV66D7PUjfGzwzE8fR50UaEGat0KUqdXB6a3zIjwE&sai=AMfl-YQhLV5HaXqJ96DXtoNnh82h9zn97l4hFY1N8MfWizFHCdXCBq4pYwIKiFwEdVzwE6iDuf5Co9xBNZuz2Tg&sig=Cg0ArKJSzCIoo1hwpqXGEAE&cid=CAQSGwDq26N9mLQ3hceIoT1rvbTY47-Lxad8-sr5xRgBIBM&id=lidar2&mcvt=1029&p=0,0,280,1000&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2969204344&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670605364624&rpt=894&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7FF 13 KB
5 KB 21ms
20ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 62329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 23:43:57 GMT
expires: Fri, 08 Dec 2023 23:43:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A5AA 783 B
533 B 42ms
41ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

809a235ad34c23f01d19c05c9ff4005207fccd642c02aae316d8a4d9c96687ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Eim3GagTUoinaMADpMXSFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hd.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Eim3GagTUoinaMADpMXSFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:02:46 GMT
expires: Fri, 09 Dec 2022 17:02:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame D7FF 36 KB
16 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:10:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A5AA 0
0 79ms
79ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3576994163935847&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7FF 0
10 B 20ms
20ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mgwJdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:02:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8C2 42 B
64 B 88ms
87ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKHxijPGEs3lDyRP_8batrtQ0JuwDwbnFB0R5M6FjDeMNEtIe2vyem-8u4j42GDlu2rC4yzoWIePr8J03ddpyuSLHO9crWtpMuUz2naQDqdtOKPkcRAuS14A_6ymdjEgeaPu4&sai=AMfl-YR1cpEpSSeqCJcBrcBDODdvfSdWCRJl-RHSSxJKDhuDGsHLMzU4LCjr2tZN0Wi7QBqAIUbRnjRRUcn1d_o&sig=Cg0ArKJSzAPuGJRerWxcEAE&cid=CAQSGwDq26N9mIW2hFQH4ukOj0ZX8nka8t0ilR95BBgBIBM&id=lidar2&mcvt=1004&p=0,1,124.25,1006&mtos=0,756,1004,1106,1158&tos=0,756,248,102,52&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670605365804&rpt=261&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 17:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
84ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3576994163935847&bg=!GhmlGV3NAAYgquz3AKo7ACkAdvg8WieDIO94Bg7g6Cp1fXffqwGYsPKoFKR4sY87p9N5s7i42llLzQIAAABdUgAAAANoAQcKAMA3LbyiKaPUevIQs5gZYg-IoDzm05IFkHJSM_5buQf7oarYa4sehE9tixBHBEQq306lhl68BJW9hscV_qgXlV1OSw-svtCt1MUNknDO-wjYo0dpEFiVp1mDB0d8XMxRrl4HmXSqITgoaY3ld8m_uW6MYQNlmClCzoerzhiOO2J6Hjk8pW5nYL7A5hPyvY6cjmAGU0Kw0NuuCV350jh00lVfxlYLJLlp9QTMwEL6ztKibVRq-Q9Bzd9DGVrceFfDk6uZAriQaWOeipWMa7Rxby_T3PuWV-l09dPsb7NUxaQUGHm0WU5nGNNtVZOrYuJ5NhGVkytSgI0jmkxQPx_BJJL16tVPMrEUHLAkV8Z7exQuKo8eF9MkYk7Yhx1X0QzsaIBKTPkepwGil5YE2aiNLULu4JTC9MVH0NcUFiNg07ObRFBTmevCYHYlIF_T2IlXc7WvtRZNm_jn-gEL8t4NliBwobFMENIGxzXc71WWZV1oL456127E7epWkYUeX2_8sSdwufdAPma_EdJxnojfRR-Owk9LFN2zj1Ix3AioIAXbzz2YjDqmdI5UANQKW-EQ7YJ7XPkb4rO9mF141tMv-vrir-08vuMNc9ILhEaT4NIEj6n_iV5LY9KxdAvCXcMgsl3Yr9P8pkVMxAvYmfAdkUgIyBnhXHkmGKu3BhCwrDNJvi6ZVzzlPR_AOteHfTZ_4HO8xijf0jzs01SE95nEiNc2yUs3pLLuda3ab1LPs7K19kaaLVNOjZ41NDDSOMFOagNcjtoVGevwDPn8H4NM0bLr8eFiRts2DbTDyRuKNDFwX0qML36stDpTa7TE8xo3aB_exYnm_uFjSFKM0vmhTOWj0s_mxcVmxqiKcrIVrpEX6lclembBjerbRKy7l6zkbPL7pwwkgKuKUSY4kJCPSp45NaijWE75u8qpfxjc8lB3fmTaIns9bRtkIxiUr0vmsS_DDHIGpBxKUsTikuC7BN310Lb-3fpvi76GOd0AuOV8Z0v0YOaQ0rIGcxQm1hOKieRfc6qEAG9Ouda9hyd_B7IbrUy6SwdIgk-6Y9d0LA6b49bwzGQYEwUrHbRVHyE-mIaARCCmg2aHGXtOyV9QWNhr6Giama3CEKHxUALyeqAsdG4-2xJ_2ih5SL-hYloaUYEV58YX5P9wAa5DLE-Qw4yD6eSJV99gQLjAiCc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hd.yalla-shoot.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOOMwgqOr3sLi0fraZ9hn04&google_cver=1&google_push=ASkJ3FYbRRYR7nIK3yeFE8jDrA6fR0NhLlciRGvEWr6am7SNL3O39GQP_vL-vOoCnVEFlMi2Cx43BYl91sCa5NqSMzv1ZKxcjbiLxOAOKVPkGSK4PML5NeSFiBsYSdhWygmsW-fCkt9n4_irXGr5FTNukzQK

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoot.video/	1970-01-20 17:39:25	Name: _ga Value: GA1.2.959399767.1670605364
.yalla-shoot.video/	1970-01-20 08:04:51	Name: _gid Value: GA1.2.1008645250.1670605364
.yalla-shoot.video/	1970-01-20 08:03:25	Name: _gat_gtag_UA_107335079_2 Value: 1
.yalla-shoot.video/	1970-01-20 17:25:01	Name: __gads Value: ID=51d3b704864c1917-22966f63edd80024:T=1670605364:RT=1670605364:S=ALNI_MaAmwQ8Q-Zpq9z7eoGyw0qFtokVJA
.yalla-shoot.video/	1970-01-20 17:25:01	Name: __gpi Value: UID=000008c89a976a7e:T=1670605364:RT=1670605364:S=ALNI_MYqSlObEUZQ1YYXthaHz368-HohJw
.doubleclick.net/	1970-01-20 17:39:25	Name: IDE Value: AHWqTUndCwhNKVsHpsiL4xUKvre2uOw_v3fTCruuHfUwtNJIm7QKpZaBRApnjCH-EWc
.doubleclick.net/	1970-01-20 08:03:26	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:03:28	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 16:49:01	Name: i Value: 8eada211-5b12-42af-8bca-2415b7908215\|1670605366
.rlcdn.com/	1970-01-20 16:49:01	Name: rlas3 Value: W7nejP0nion3H7OX1B6U7EePlycUTnvOm0+ObVDsnQs=
.adingo.jp/	1970-01-20 08:46:37	Name: ID Value: 8a1a8e490dfb729065a6f216d426fdd7
.quantserve.com/	1970-01-20 10:13:01	Name: d Value: EF0BCQHiJ4EA
.quantserve.com/	1970-01-20 17:33:39	Name: mc Value: 63936a36-5a5c1-30dd6-ef17f
.rlcdn.com/	1970-01-20 09:29:49	Name: pxrc Value: CLbUzZwGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 08:04:51	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 16:49:01	Name: CMID Value: Y5NqNqQUhZvFDxn.t5xfKwAA
.casalemedia.com/	1970-01-20 10:13:01	Name: CMPS Value: 031
.casalemedia.com/	1970-01-20 10:13:01	Name: CMPRO Value: 031
.pubmatic.com/	1970-01-20 16:49:01	Name: KADUSERCOOKIE Value: BECB925D-99D5-4D89-A13E-70E3A98AA652
.casalemedia.com/	1970-01-20 10:13:01	Name: CMTS Value: 190
.innovid.com/	1970-01-20 10:13:01	Name: uuid Value: 5a5b7732-a67c-41ff-840d-01f4400a4d2e-20221209 12:02:46

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hd.yalla-shoot.video/(Line 209) Message: <link rel=preload> must have a valid `as` value
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18001917411680734109/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOOMwgqOr3sLi0fraZ9hn04&google_cver=1&google_push=ASkJ3FYbRRYR7nIK3yeFE8jDrA6fR0NhLlciRGvEWr6am7SNL3O39GQP_vL-vOoCnVEFlMi2Cx43BYl91sCa5NqSMzv1ZKxcjbiLxOAOKVPkGSK4PML5NeSFiBsYSdhWygmsW-fCkt9n4_irXGr5FTNukzQK Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
ag.innovid.com
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hd.yalla-shoot.video
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.33.19
142.251.41.2
20.242.10.199
2600:1f16:b8a:8e01:1ac2:27d:73ba:66ff
2606:4700:3038::6815:ea86
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2004
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2001
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
2620:116:800b:21:4cb8:1820:80ca:50f7
35.190.60.146
35.227.252.103
52.73.27.182
69.173.151.100
8.28.7.81
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
002788b99b0660f2ad50739959ad902bcda0ef8a9d285618a640b2410757f90b
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b0ac6c2d2ac0d5ebe0e13773e95c17a14fba06f0ae20c7cc346e6ddb9b6f6a0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
195e3cc6b14dd71d5c620a60c42d5c562490b178725573edea6060d39810eefc
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
25f9c62ffe2b5123be77183ea0ad924f8d0b38d6e1f96206b4716b9139e55cd9
267157029a6d493bdb47edf14e87ca6913f56bc75d014953f2e25651a79d447e
2786084d2c1d2b4e51ad14079260d86e1bc63039bcd9228e1baca67e00371735
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33342371c4a03d96498f5e463e05b9417be4519c720c60f98c39dcb10be6cdcb
34bd64e8a8c3cedae7398632b995eabe551572b5d6c1e56f7907ae7210050768
3867384a36384899310aa356ff5a1e9e7105c73a916ba557953284b4f77c3292
3be6b0f50a96dc7ba0dc1f701467168d09be84a472de3b157ccde3c159887f10
3cb790408786a00519f3a3f500397d5eff67e322c1bb0acd00bf19060009f739
41f4375376c32d9b959bede80243f536ec7d96ef63d8ab7a2e8a09ecdbc1ca75
44c49c661922cd9dd84609b6185753ac3d8aa7698d1ba32f1361bcb1e7201a9b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453b389160af06a7d670d477fcb9428cb866ea10d02236f8b89e46b9d6040b9a
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590956dfc1c3f4fbeb8a34d431cb0b7f339fcf2af0a7b837ff51012a503cca28
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a90c4507b592beeaf7411e02172d1383cefc8c3c709641d70445f59a13466c6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb4703cea4cf5334fdcd6f36514d1b70bc9774dcc094763c0566bf707d348b7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c04201ac2b83e7b67fac179eb93fd469e4f433344a267be583fcd71f9f2fb8
62e730c9e39509774545c5bc9e5b24aa6130c0f2611a0d125e40a1e888fe6385
69bb08337dc0b0475f6dff4963656fa109a2d1952fee2aef40ee97ce6706c77a
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6faa70fde346b9798893d9527545fdac31bab690d499b29d12d1144984c6d757
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
7ceca04485257de474dc33a0955249877beaad0fe3888c6f3069046cf6097113
7db454be9e2a6d0ada482a9635bf5100c11d0187fd66055fa91317092a5f7a51
809a235ad34c23f01d19c05c9ff4005207fccd642c02aae316d8a4d9c96687ca
82ea07b54b25b722ff366af2d1907a0646825804c9a3cc9978a28b1de421e627
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
89fc843e2f8f3c92775ce246c90a4c31cae7d8535700362598cefa6cae2f6431
8dd346e2699932fbed24d45c064274d55ea37dbd0db2caeaf0e03dbea47e2267
8eeac0c568551c6210ad00d9c682d66360f72815789896676acb65cf645381f5
94ad01308fd7444a7c29f16334ec6d8a872fc5266d9edca4967a6537499b030b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5
9e29eb4bbc766231e3ffe0b9332bf7698c7b07fb9a427bb9ffcdba5458daf923
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a43709607e543c11cf8d4f6ea8ae6bf8d1f6f0af425157f43075509a76d6cc6d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b3ad088e4284e8432b801094994abeef30725f53c8c2f5bda9421acc4519d33c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b931c4a10ef4b3ba7142877b5790d37850e0cd2978c74c1dcd9dbdde66fb01eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cd206e5243254b6b9e59dbe37774710ce0abb7e33f173f255f919c2e542129fe
d03fea9f9c0f7bc9ad99dff656a2add7715d7c5c663889129228f484053e1d4f
d071bfb3dc742c5936c348ba5a6f219f2b752649b9091301a6e3155a31e15c58
d2476448bd3ab711a60c9daf21d2c192358b5f86d06f939daa693b294182217c
d4cb909b8a941dec7656e5200e202ba7f5102d12186931f8b0d39cc7019ea8dd
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc
db685238c8f8cc0fd135cb631b17c107c86584f43f829cf4ac70a88ab8bfa225
dbb0d8b26e679e05abec01eea2ac2ec0030824144f3dccb51542ef55b02eb0c2
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e05945fa59af5efba1f3677d0a60ce92862880fbecd23ad1218e74dbafde6c32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e49c673600ce2445b376d60ce36dc8dcffbaf2685775b8eb5b1539401fd5d7
e94fdec09288ba9dcf0e6b13f531c4a4fd9d65929f347d512460ce0fd6c9cfa5
ed3ff85e91a2730c94ae37da2fc45473fa3ec6d9eff479e512273b5e0811df6f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b421628299862c5c5eb9da20478bf4d59ee3eecc2246af4d021c7f1ec37376
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f92a4308e7f3094808a7043875354d582df68fac6ed66d29ed8eb0f3ef44853d
f9d0294636899f1c501eefb78052f3116580cfa811f5552659cad64c82030877
fe75bce48dc7665147c3620302c363f8dba3ff92d878d1028917c3aec5f9dd49
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

hd.yalla-shoot.video Open in urlscan Pro 2606:4700:3038::6815:ea86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

92 %HTTPS

67 %IPv6

21 Domains

25 Subdomains

18 IPs

2 Countries

1652 kBTransfer

3837 kBSize

21 Cookies

0 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hd.yalla-shoot.video Open in urlscan Pro
2606:4700:3038::6815:ea86 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

92 %
HTTPS

67 %
IPv6

21
Domains

25
Subdomains

18
IPs

2
Countries

1652 kB
Transfer

3837 kB
Size

21
Cookies

152 HTTP transactions
17 data transactions